Skip to main content

How can we help you?

Search

help Knowledge Base
forum Community
checklist Release Notes
event Events

Having Trouble with Mixed Internal/External Application

Tim Jamison

Scenario:

We are a local government agency with 320 users and 600 endpoints.
We access local resources on our network and on other agencies like the courts and county.
Our internal addresses and our locally connected partner agency addresses are within our local DNS servers.
When accessing the internet, we have two groups with different rules.
               Group 1.  Can only access websites in an explicit ALLOW list.
               Group 2.  Can access ANY website (the firewall will block the bad sites by category)
 

The main issue thus far with the client install is a mixed environment application.  The main application is hosted on a partner network (in our local DNS) but the app is frontended by an OKTA server that collects the email address, before routing. This app does not launch when the client is installed.  How do we point externally to the FilterDNS servers and then next internally?

Comments

1 comment

Date Votes
  • Minetta Gould Community Team DNSFilter Staff

    Hi Tim Jamison, thanks for reaching out! 

    Based on what you described, this likely relates to how DNS is being resolved once the Roaming Client is installed. Since Okta is external but the application resolves internally, the redirect may fail if internal domains are not properly configured to use your local DNS servers.

    Here are the first things to check:

    • Confirm the internal and partner agency domains are added under Local Domains, with the correct local DNS resolver IPs configured.
    • Attempt to launch the app and review the DNS Query Log for any blocked Okta, redirect, or application-related domains.
    • Verify the internal hostname resolves to the expected internal IP while the client is active.

    If the issue continues, please let us know:

    • The URL users start with and the internal hostname they’re redirected to
    • Whether VPN is in use
    • The Roaming Client mode (Classic or PreCheck if using a Windows agent)
    • Any related blocked domains shown in the Query Log

    From there, we can determine whether this is a DNS routing or policy-related issue and guide next steps. 

    0

Please sign in to leave a comment.

New post

Featured posts