Technical Tip: FortiSASE Split-DNS: Why It Works on Windows but Not on Mobile Devices
Description
This article describes why FortiSASE Split-DNS is supported only on Windows PCs and not on Android mobile devices.
Scope
FortiSASE.
Solution
There are scenarios where FortiSASE users need to use a private DNS server to resolve certain internal domains.
Refer to: Split DNS Use Case
To accommodate these scenarios, FortiSASE allows the configuration of Split DNS through Split DNS Rules.
This mechanism enables the use of an internal DNS server exclusively for resolving hostnames associated with designated internal domains while relying on public DNS servers for other queries.
Split DNS operates seamlessly on Windows machines, ensuring internal domains are resolved through the designated internal DNS server. However, on Android devices, all domain resolution requests are routed to public DNS servers, preventing Split DNS rules from taking effect.
This limitation arises because Split DNS Rules are not supported in the Android version of FortiClient.
For product integration details, see: FortiSASE product integration and support
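The following Python sketch is an added example, not FortiSASE or FortiClient code. It models the resolver selection described above and shows which internal names end up at the public DNS server when Split DNS Rules are not applied, as on Android. The domains, server addresses, function names, and the longest-suffix, label-boundary matching are assumptions made for illustration.

```python
from typing import Dict, List, Optional

# Constructed sample rules: internal domain -> internal DNS server (assumed values).
SPLIT_DNS_RULES: Dict[str, str] = {
    "corp.example": "10.10.0.53",
    "lab.corp.example": "10.20.0.53",
}
PUBLIC_DNS = "203.0.113.53"  # placeholder public resolver (documentation range)


def normalize(name: str) -> str:
    """Lower-case the name and drop the trailing root dot for stable comparison."""
    return name.strip().rstrip(".").lower()


def matching_rule(qname: str, rules: Dict[str, str]) -> Optional[str]:
    """Return the most specific rule domain that equals qname or is a parent of it."""
    q = normalize(qname)
    best: Optional[str] = None
    for domain in rules:
        d = normalize(domain)
        # Match on a label boundary: "notcorp.example" must not match "corp.example".
        if q == d or q.endswith("." + d):
            if best is None or len(d) > len(normalize(best)):
                best = domain
    return best


def select_resolver(qname: str, rules: Dict[str, str],
                    rules_supported: bool = True) -> str:
    """Pick the DNS server for qname; a client without rule support uses public DNS."""
    if rules_supported:
        rule = matching_rule(qname, rules)
        if rule is not None:
            return rules[rule]
    return PUBLIC_DNS


def internal_names_sent_public(names: List[str], rules: Dict[str, str],
                               rules_supported: bool) -> List[str]:
    """List names covered by a rule that would still be sent to the public server."""
    return [n for n in names
            if matching_rule(n, rules) is not None
            and select_resolver(n, rules, rules_supported) == PUBLIC_DNS]


if __name__ == "__main__":
    sample = ["intranet.corp.example", "www.example.org"]  # constructed queries
    print("rules applied:    ", internal_names_sent_public(sample, SPLIT_DNS_RULES, True))
    print("rules not applied:", internal_names_sent_public(sample, SPLIT_DNS_RULES, False))
```

Running the same name list with `rules_supported=False` gives a quick inventory of the internal hostnames that mobile users will not be able to resolve, and that public resolvers will see queries for.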
