My company provided me with a Dull laptop for work, but for the last 1.6 years, I’ve been using my personal 2019 MacBook Pro (MacOS v14.6.1). I’ve set it up with all of the requisite apps that I need, including NetSkope and Global Protect VPN. I’ve always been able to connect to everything internal to the company via either NetSkope or VPN, and never had a problem. However, starting last week, there are now two internal websites/services that I can’t connect to, each stating “Server not found.” The same remains true when I run an nslookup, traceroute, or ping the sites. I can connect to everything else. I’ve flushed my DNS cache, rebooted, shutdown, but still no joy. Reaching out to the site owners, they report that there have been no changes, and other personal Mac users that I’ve spoken to are able to connect to the sites that I’m unable to. Because I’m using a personal device, the IT networking team won’t support me. Using my Dull laptop I am able to connect to those sites when connected via VPN or NetSkope.
You could try editing your /etc/hosts file to hard-code the IP address for the internal services’ domain names. Basically, you’d be providing your own answer to the DNS lookup ahead of time. I’m not clear on whether/when VPN config might override a line in etc/hosts, though.
I had to obtain the various IP addresses from a co-worker, and add them to /etc/hosts. Doing so worked like a charm! I’d forgotten all about /etc/hosts! Thanks for you help! It’s very much appreciated!
@cornchip - thanks for suggesting this (editing Hosts file) in response to @TallTrees question.
Will editing the Hosts file solve the problem of Safari’s error message in response to accessing my router/gateway? I should be able to access my router by typing in the local address 192.168.1.1, but that results in Safari’s error message. See screenshot below.
I assume the error is triggered because Safari does not recognize a valid certificate. Would editing the Hosts file work to avoid the error message and eliminate the need to click through the dire warnings?
screenshots of error message and view of certificate:
After modifying the Hosts file as suggested, typing “https://unifi.local” or simply “unifi.local” into Safari’s address bar displays the Unifi OS Console admin page, ready to enter username/password. No error message.
Typing “192.168.1.1” elicits Safari’s Connection Not Private error message, same as before.
So my understanding is the following:
The Hosts file modification maps the hostname “unifi.local” to 192.168.1.1. (Or is it the other way around?)
Unifi is configured to respond to that hostname – I suppose this is because the hostname matches the certificate?
Safari’s certificate-checking function is bypassed somehow.
If I type “unifi.local” or “https://unifi.local” into Safari’s address bar in a different Mac without the Hosts file modiciation, Safari cannot resolve this.
Essentially, yes. The Unifi web server is configured to use that hostname and also to deliver the cert for that hostname to your browser.
Safari still checks the cert, but it passes because the cert is for unifi.local and you were accessing via unifi.local, so the connection is trustworthy.
