18 Jan 2018

Fixing Windows Subsystem for Linux (WSL) name resolution errors with VPN

If you've used WSL on a system that connects to a corporate environment, you may have had trouble resolving host names, particularly for your internal network. Here's how to resolve that. The primary issue is a flawed interaction between the DNS changes the VPN connection makes (switching to corporate internal DNS) and the way WSL discovers DNS settings to populate /etc/resolv.conf. This is how I fixed it for my corporate VPN solution (GlobalProtect).

My fictional internal domain is CONTOSO.COM in this example with DNS servers internally on 172.16.3.24 and 172.16.3.25.

Delete /etc/resolv.conf by typing:

 sudo rm /etc/resolv.conf

When prompted, enter the password you created when installing WSL.

Now enter the following command:

 sudo vi /etc/resolv.conf

VI is driven entirely by hotkeys, so I will put in BOLD all hotkey presses. Now press i to start inserting new content into the file. The word --- INSERT --- should appear at the bottom of the editor. Alter the file so that it looks like this:

search contoso.com
nameserver 172.16.3.24
nameserver 172.16.3.25
nameserver 8.8.8.8
nameserver 8.8.4.4

This configures WSL to use CONTOSO's internal DNS servers and, if they do not respond, to fail over to Google's. We also set it up to automatically search all our internal domains. Once complete, press ESC then :wq to write the file to disk and exit.

You should now be back at the command prompt. Next we'll make sure that WSL doesn't overwrite this file (it tends to regenerate it whenever you close and reopen WSL's command line):

 sudo chmod 444 /etc/resolv.conf

Now we are ready to get started. Close the bash window and reopen it by typing bash into the Start menu. You should now see an Ubuntu icon, bash will start up in your WSL home folder, and your name resolution should work whether or not you are on the VPN.
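
An added check, not part of the original post: this bash function audits a hand-written resolv.conf like the one above. It flags nameserver entries past the third, which glibc's resolver ignores, and public resolvers, which receive queries for internal names whenever the earlier servers time out. The function names, the IPv4-only handling and the RFC 1918 test for "internal" are assumptions.

```bash
#!/usr/bin/env bash
# Added example: audit a hand-written resolv.conf.
# Assumptions: function names are hypothetical; "internal" means an
# RFC 1918 IPv4 address, anything else is treated as public.

MAXNS=3   # glibc's resolver reads only the first three nameserver lines

is_private() {
  case "$1" in
    10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    *) return 1 ;;
  esac
}

# Prints one finding per line; prints nothing when no issue is found.
audit_resolv_conf() {
  local file=$1 n=0 key value _rest
  [ -r "$file" ] || { echo "UNREADABLE $file"; return 1; }
  # "|| [ -n "$key" ]" keeps a final line that lacks a trailing newline
  while read -r key value _rest || [ -n "$key" ]; do
    [ "$key" = nameserver ] || continue   # skips search, options, comments
    n=$((n + 1))
    if [ "$n" -gt "$MAXNS" ]; then
      echo "IGNORED $value (entry $n is past the resolver's limit of $MAXNS)"
    elif ! is_private "$value"; then
      echo "PUBLIC $value (entry $n gets queries when earlier servers time out)"
    fi
  done < "$file"
  return 0
}

# Constructed sample mirroring the file in this post.
sample_conf() {
  cat <<'EOF'
search contoso.com
nameserver 172.16.3.24
nameserver 172.16.3.25
nameserver 8.8.8.8
nameserver 8.8.4.4
EOF
}

tmp=$(mktemp)
sample_conf > "$tmp"
audit_resolv_conf "$tmp"
rm -f "$tmp"
```

To check the live file, call `audit_resolv_conf /etc/resolv.conf` from the WSL prompt.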