By default, iOS will appropriately prioritize DNS to the expected interface. However, in some cases you may need to inform iOS of the desired target interface.
For example:
- Always send a domain over WiFi, never cellular. This can ensure that local corporate domains are never sent over the cellular network.
- Always send a domain over cellular, never WiFi. This can aid in compatibility issues, such as voicemail domains only functioning over cellular DNS.
Prerequisites:
- Cisco Security Connector for iOS version 1.6 or higher on iOS 14 or higher.
Procedure
- Open the iOS configuration profile in your preferred code editor. Your profile may already have wifiDomains and celluarDomains keys as shown. If not, add them.
For example:
<key>anonymizationLevel</key>
<integer>1</integer>
<key>disabled</key>
<false/>
<key>cellularDomains</key>
<array> </array>
<key>wifiDomains</key>
<array> </array>
<key>internalDomains</key>
- Configure the wifiDomains or cellularDomains keys as desired using the example provided. Each domain is encapsulated by a <string>. Some configuration profiles may require the addition of these keys. Keys should be added immediately preceding the internalDomains key.
For example:
<dict>
<key>anonymizationLevel</key>
<integer>1</integer>
<key>disabled</key>
<false/>
<key>cellularDomains</key>
<array>
<string>sendtocellularconnection.com</string>
</array>
<key>wifiDomains</key>
<array>
<string>sendoverwifi.com</string>
</array>
<key>internalDomains</key>
Push the Umbrella Certificate to Devices < Configure Cellular and Wifi Domains
Updated 12 days ago