Opened 8 months ago
Closed 8 months ago
#1154 closed defect (pending)
ietf-nat64 and Pulse Secure VPN
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | tbd | Milestone: | ietf-100 |
| Component: | nat64 | Keywords: | |
| Cc: | Clemens Schrimpe | My Current Location: | |
| My MAC Address: | My OS: |
Description
When using ietf-nat64 with the Pulse Secure VPN I can't access network resources from the other side of the VPN. This is apparently because Pulse is not updating the system nameservers so they still point to the IETF v6 nameservers instead of the V4-only ones inside my company, and thus I only get the externally-visible resolution (or lack thereof). Attempting to resolve this by updating the nameservers in System Preferences -> Network -> Wi-Fi -> Advanced... did not fix the problem, even after DNS cache flush, nor did updating /etc/resolv.conf. This honestly kind of surprised me; I really thought updating them in System Preferences, though annoying, would work. I'm using Pulse Secure version 5.2.5 (build 869) on OS X 10.12.6 (Sierra).
Change history (4)
comment:1 Changed 8 months ago by
| Component: | incoming → nat64 |
|---|---|
| Owner: | changed from < default > to jim@… |
| Status: | new → assigned |
comment:2 follow-up: 2 Changed 8 months ago by
Yupp, Jen Linkova. Sent from my iPhone > On Nov 11, 2017, at 2:15 PM, IETF Tickets/NOC <tickets@meeting.ietf.org> wrote: > > #1154: ietf-nat64 and Pulse Secure VPN > --------------------------+-------------------------------- > Reporter: tale@… | Owner: jim@… > Type: request | Status: assigned > Priority: tbd | Milestone: ietf-100 > Component: nat64 | Resolution: > Keywords: | My Current Location: > My MAC Address: | My OS: > --------------------------+-------------------------------- > Changes (by llynch@…): > > * owner: < default > => jim@… > * status: new => assigned > * component: incoming => nat64 > > > Comment: > > Jim - > > Do we have an owner for the 6/4 experiment? > > - Lucy > > -- > Ticket URL: <https://tickets.meeting.ietf.org/ticket/1154#comment:1> > IETF Tickets/NOC <https://tickets.meeting.ietf.org> > IETF Meeting Tickets - NOC pages
comment:3 Changed 8 months ago by
| Cc: | Clemens Schrimpe added |
|---|---|
| Owner: | changed from jim@… to panda@… |
| Type: | request → defect |
comment:4 Changed 8 months ago by
| Resolution: | → pending |
|---|---|
| Status: | assigned → closed |
Thanks for trying the NAT64 network (SSID ietf-nat64) and reporting your experience. As far as we can tell, the issue you reported is either an issue of the NAT64 implementation’s handling of that specific traffic or the given application vendor's implementation. We’re collecting all the issues that come up and will pass the reports back to the vendor at the end of the week. Hopefully this will lead to better implementations and greater functionality for the next meeting. If you’re curious about other known issues, please see https://tickets.meeting.ietf.org/wiki/nat64
If you have additional input on this issue please update the ticket, if you see new issues please open additional tickets.
Thanks -
Jim -
Do we have an owner for the 6/4 experiment?