devildog1069 wrote:
Any idea why this is an issue?
Because Apple makes consumer devices used by 100 million people. Plus, Apple is under intense scrutiny for any issues related to security.
Some random antivirus app can take down half the world and that's just another day. But if Apple doesn't update some system service, disabled by default, because of a security vulnerability involving that service on a different operating system, people will freak out for a month. I'm not exaggerating here. The old sshd thread was updated just this morning.
What that means is that people who roll their own services are going to have to comply with those consumer-market expectations. I realize this is just your own VPN used for a couple of your own offsite servers. But there is nothing stopping you from selling this VPN to people who don't know any better. That is what constitutes a significant portion of current macOS "security" products. So if someone wants to use a VPN on a Mac, Apple doesn't allow the DNS to go over cleartext. Otherwise, all of these scam VPNs that are so popular wouldn't actually be providing people the security they expect.
You can configure your VPN to provide DNS. Or you could use one of those new "mesh" VPNs. Supposedly, some of those are actually legitimate.