[ previous ] [ next ] [ threads ]
 From:  Mark Opert <marko at clinedavis dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  DNS problems with Apple and AD
 Date:  Thu, 31 Aug 2006 13:01:09 -0400
I am testing a m0n0wall captive portal with our corporate wireless network
and have found a problem for us.
With our large number Apple laptops that are bound to Active Directory, the
laptops become incapacitated when they boot up from a DNS issue.

When the Apple systems boot they perform a DNS lookup for the AD servers.
M0n0wall blocks all the DNS lookups until it is an authorized machine. So
the Apple system hangs by either waiting for a response from an AD server,
if the m0nowall is a DNS relay, or the Apple system freezes attempting to
contact a DNS server that m0n0wall is blocking.

This occurs at boot for all systems and logout for any system that has not
authorized from the m0nowall portal page.

What the Apple systems need it when the system boots and makes a request for
ad.xxx.com to respond with a failure (no answer does not work, it must be a
failure), and once the laptop makes a portal login to get a different DNS
server that will then respond with the proper addresses.

Has anyone have a suggestion?

Thank you