Set DNS Servers for VPN Profile

Would you mind sharing your network setup script so that I can see what you did?

I figured out another way to do it, with a little help from adroitboy.

I'm packaging the profile with a postinstall script that installs the profile and then sets the dns servers once installed.

Shouldn't the VPN servers DHCP push these out?

Normally, yes. But we're a Medical Institution that is part of a University system. The Health System and the University have their own networks. The VPN is on the University system, but our users will still need access to some of the sites hosted on the Health System network, and the University DNS servers do not have pointers to those sites. Not only that, but in order to access the Health System sites, their DNS server has to be listed first.

@cgreid Ah, that's a shame!

@adroitboy Could you please share your network setup script in order i can implement the same

@rastogisagar As far as I can tell Pulse Secure DNS configuration is independent from the DNS settings in System Preferences' Network configuration. You'll need to have your DNS settings in your Pulse Secure configuration (and no, I don't know how that configuration is set up as my organization's VPN team controls that)

@cgreid

Yes could you share your post install script. I am trying to do the same via

open /path to mobileconfig

which brings up user interaction to complete the install which works fine, but my second piece of the script to call networksetup -setdnsservers .... fails.

I tried using wait as well an intermediate step that uses an util loop with networksetup -listallnetworkservices to give the script time to recognize the new network interface.

Would love to see your code.

Okay for all you that may want to do the same thing I figured this out. Here is a perl script you guys can edit. Of course you will want to replace "X.X.X.X X.X.X.Y" with your DNS servers.

#!/usr/bin/perl -w

use strict;

# Start the VPN config install by having the Finder launch the mobileconfig file
system('open /SMCVPN.mobileconfig');

# Give the user time to do the install
sleep 30;

# Check for the presence of SMC-VPN in the list of network services
# try for a maximum of 10 times
for (1..10)
    {
    my $result = `networksetup -listallnetworkservices | grep -i SMC-VPN`;
    chomp $result;
    if($result)
        {
        # We've found SMC-VPN
        # Wait a few seconds
        sleep 3;
        #Update DNS
        system('networksetup -setdnsservers SMC-VPN X.X.X.X X.X.X.Y');
        sleep 3;
        # Restart mDNSResponder
        system('killall -HUP mDNSResponder');
        # Report success to the user
        system ("osascript -e 'display alert "VPN Configured" message "SMC-VPN has been configured." buttons "OK" default button "OK" giving up after 10'");
        system('rm /SMCVPN.mobileconfig');
        exit;       
        }
    }

# Report failure to the user. Most likely caused by user abort.
system ("osascript -e 'display alert "VPN Not Found" as critical message "SMC-VPN was not found in your network preferences. Unable to complete setup." buttons "OK" default button "OK"'");

I know this thread is old but do those commands still work? We are pushing out a VPN profile from Jamf to 10.15 computers but running the command using terminal networksetup -setdnsservers $OURVPN_INERFACE $IPADDRESS command and networksetup -setsearchdomains $OURVPN_INERFACE $OURDOMAINS. If we manually set them up through Network Settings it works. There is a problem with our VPN vendor where they are passing values incorrectly so our VPN is not working.