cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

VPN DNS - Host name, Not FQDN

SOLVED
Getting noticed

VPN DNS - Host name, Not FQDN

Hey All,

 

on client vpn, is there a way to support only using short hostnames for DNS requests, rather than typing full FQDN?

 

my previous security appliance supported this option.

Zane D - IT Manager in Sin City NV
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Kind of a big deal

Re: VPN DNS - Host name, Not FQDN

You can set the search domains for the VPN connection. On macOS it's called "Search Domains" and on Windows it's the DNS suffix list. The MX will not supply this info to VPN clients, so you'll need to set it on the devices. 

MRCUR | CMNO #12

View solution in original post

5 REPLIES 5
Highlighted
Kind of a big deal

Re: VPN DNS - Host name, Not FQDN

You can set the search domains for the VPN connection. On macOS it's called "Search Domains" and on Windows it's the DNS suffix list. The MX will not supply this info to VPN clients, so you'll need to set it on the devices. 

MRCUR | CMNO #12

View solution in original post

Just browsing

Re: VPN DNS - Host name, Not FQDN

What about iOS search domains connected to VPN. Search domains are not able to be set there. It needs DHCP scope option 15 to work. Is there a way for the MX to have that? It will simplify the configuration on mobile devices.

 

Thanks

Kind of a big deal

Re: VPN DNS - Host name, Not FQDN

@lauraCanadaIT There is no way to customize the DHCP options for the client VPN subnet that I'm aware of. If you issue a mobile config profile to your iOS users to set up the VPN, perhaps you can supply the DNS suffix with that config. 

MRCUR | CMNO #12
Just browsing

Re: VPN DNS - Host name, Not FQDN

@MRCURUnfortunately, The MDM from Meraki does not allow custom profiles and iOS profiles doesn't allow it as well. I'm a little stuck here.

Comes here often

Re: VPN DNS - Host name, Not FQDN

Has anyone found a solution to this? All our users have shortcuts to files e.g. \\server01\file having to recreate shortcuts and/or training users to use \\server01.domain.local\file is going to be tiring.

 

Appending DNS suffixes to the VPN connection is greyed out in Windows 10 and adding the suffix to the "DNS Suffix for this connection" option doesn't seem to help either? Plus our DFS namespace seems to be unreachable even with the suffix added.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.