M and MSM Series
cancel
Showing results for 
Search instead for 
Did you mean: 

Access Controller VSC DNS reply 123.123.123.123

 
Highlighted
Fredrik Lönnman
Honored Contributor

Access Controller VSC DNS reply 123.123.123.123

Does anyone know if its possible to change the standard behavior of the MSM controller to reply with 123.123.123.13 on DNS requests that doesnt exist? I can't really understand HP doing this since 123.112.0.0/12 is owned by China Unicom.

---
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S

3 REPLIES 3
Highlighted
DougB-CCCP
Frequent Advisor

Re: Access Controller VSC DNS reply 123.123.123.123

This is caused by the DNS redirection/capture function on the controller.  If you disable these under Network > DNS, this should go away.

 

Otherwise set a valid DNS server under that same menu and that too should fix the problem.

----------------
HP ASE (Mobility), Infrastructure Engineer
Highlighted
Fredrik Lönnman
Honored Contributor

Re: Access Controller VSC DNS reply 123.123.123.123

Sure, but I do want the DNS capture function since this is a semipublic guest net. And they do have valid DNS servers, everything works great when querying valid DNS names.

 

But we have encountered guests connecting to the guest VSC that have an internal startpage (start.company.ad) and also virus protection that has blacklisted the ip 123.123.123.123 due to spam etc. This adds up to the guests getting a antivirus warning when connecting to the guest net and this is really not disirable.

 

I'm really interested in the decision to use a perfectly valid IP external from a network block that is not owned by them as the DNS reply.

---
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S

Highlighted
elizaactiveansw
Occasional Visitor

Re: Access Controller VSC DNS reply 123.123.123.123

Sorry for reopening the topic of 6 years ago.

I am exactly with the same problem reported. Did you solve the problem?
I already tested several configurations and firmware versions but it did not work.

It is not an option to disable DNS Interception because it is a GUEST wireless network that uses the authentication portal.