Hi,
If you’ve already emailed us in the past then it’s likely we’ve already recommended similar troubleshooting steps to those outlined below, however they do cover the possible causes so please do make sure you run through them with any end users experiencing problems.
Firstly, make sure that they’re using the latest version of Viscosity (1.11.5 at the time of writing). If they’re using an old version they may be running into bugs or compatibility issues. Also make sure their copy of Windows is up to date with the latest updates.
You’ll then want to make sure they’re actually experiencing a DNS related issue, rather than a different network issue. When trying to access something like a webpage, the first thing the computer does is attempt to perform a DNS lookup: if there is a different network problem (such as a routing issue) then this lookup will likely fail and the browser may display a DNS/lookup timeout error message even though the actual underlying problem is something else.
When a user finds that their VPN connection is no longer working they should try running through the “Checking For A DNS Problem” and “Checking For A Routing Problem” sections in the following article to see whether it could be a network related issue. For example, the underlying VPN connection may be dropping out, or they may have a routing conflict when a DHCP renew on their local network takes place, etc.
https://www.sparklabs.com/support/kb/article/troubleshooting-connection-problems/#unable-to-use-the-vpn-connection
Also keep in mind that OpenVPN may not detect a dropped VPN connection immediately (it depends on the ping/ping-restart values), so when a user’s network connectivity is lost have them try waiting several minutes to see whether OpenVPN detects that a drop-out has occurred in the log (typically with more information).
If after running through the above steps you find that it does appear to be a DNS issue, then the following article covers the possible causes. You’ll only want to follow the troubleshooting steps listed in the article while the VPN connection isn’t working, as you likely won’t gain much insight if the VPN connection is in a working state.
https://www.sparklabs.com/support/kb/article/troubleshooting-dns-problems/
As the above article also touches on, you’ll want to check for any potentially conflicting software. This is particularly important as you mention only some users are experiencing issues, so it may be due to something they have installed on their machine. Such software can often react to network changes, or periodically apply settings, which could be causing network or DNS issues.
In particular check for installed Endpoint Security Software. Such software includes things like Antivirus software, firewall software, filtering software, device management software, DNS proxies, certain networking tools and drivers, and some other VPN clients. Some endpoint security software (typically installed on enterprise machines) can be quite aggressive and block or inject itself into system processes, which can cause issues. If any such software is installed, try temporarily disabling it or whitelisting/excluding Viscosity and see whether the issue persists. You may need to uninstall/reinstall Viscosity after uninstalling/disabling any such software.
It’s also worth checking the Windows Event Viewer for any errors or warnings around the time a user loses network connectivity, not just from Viscosity but from Windows and all applications.
https://www.sparklabs.com/support/kb/article/viewing-the-event-viewer/
Finally, don’t forget to check the logs on your OpenVPN server (as well as DNS server etc.). Look for log messages around the time a user reports lost network access. It’s possible that this may be unrelated to the end user’s computer, and something on the server is changing and causing the network/DNS issues (such as conflicting connections using the same credentials).
Regards,
Aaron
