Timur1
Explorer
February 15, 2024
Question

DNS resolution


Hi guys,

Need some help figuring out this DNS issue.

Scenario:

1) On-prem FortiGate is connected to AWS via IPsec tunnel.
2) On-prem Windows-based DNS server is configured on the FortiGate and everything is working fine.
3) Using SSL VPN for remote users to connect to the network.
4) Able to reach on-prem and AWS resources.
5) NOT able to resolve AWS DNS names when connected via SSL VPN (split tunnel).
6) nslookup is able to resolve the web address and shows the correct on-prem DNS server.
7) Still not able to access the website; the curl command also shows no result.

If anyone has a suggestion as to why this is happening I would greatly appreciate that. Thanks.

1 reply

AEK
SuperUser
February 15, 2024

Hi

If I understand well your issue, I think the fastest way to fix this is to add AWS DNS as secondary DNS in your SSL VPN settings.

AEK
Timur1 (Author)
Explorer
February 15, 2024

Hi, I tried that already. It doesn't work. I added the AWS DNS to port DNA settings.

AEK
SuperUser
February 15, 2024

Have you added a firewall policy to allow this DNS traffic from VPN clients to AWS?

You may also need to add a route back on AWS to reach your VPN clients.

After that, disconnect the client, then connect again, then try nslookup from the client to send a DNS query from the client to AWS.

AEK
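
The symptom in this thread (nslookup returns an answer from the on-prem DNS server, yet curl cannot reach the site over a split-tunnel SSL VPN) usually comes down to whether the resolver's address and the address it returned are both inside the subnets the VPN pushes to the client. The script below is an added example, not code from the thread or from Fortinet: it parses nslookup output and checks each address against a list of split-tunnel routes. The routes, hostnames and addresses are constructed placeholders, not the poster's network.

```python
import ipaddress
import re

# Constructed example values (assumptions, not the poster's real network):
# the subnets the SSL VPN pushes to the client in split-tunnel mode.
SPLIT_TUNNEL_ROUTES = ["10.10.0.0/16", "10.20.0.0/16"]   # on-prem LAN, AWS VPC

# Constructed nslookup output in the Windows client format. The on-prem
# resolver answers, but the address it returns is outside the pushed routes,
# which reproduces "nslookup works, curl fails".
SAMPLE_NSLOOKUP = """Server:  dns01.corp.example
Address:  10.10.1.53

Non-authoritative answer:
Name:    app.aws.example
Address:  10.30.5.17
"""

# Matches "Address:" and "Addresses:" lines from both Windows and Linux nslookup.
_ADDR_RE = re.compile(r"^\s*Address(?:es)?:\s+(\S+)", re.MULTILINE)


def parse_nslookup(output):
    """Return (resolver_ip, [answer_ips]) from nslookup text.

    The first Address line belongs to the resolver block; later ones are the
    answers. Linux nslookup appends "#53" to the resolver address, so that
    suffix is stripped. Tokens that are not valid IPs (error text) are skipped.
    """
    ips = []
    for token in _ADDR_RE.findall(output):
        try:
            ips.append(str(ipaddress.ip_address(token.split("#")[0])))
        except ValueError:
            continue
    if not ips:
        return None, []
    return ips[0], ips[1:]


def routes_covering(ip, routes):
    """Return the routes whose prefix contains `ip` (empty list if none)."""
    addr = ipaddress.ip_address(ip)
    return [r for r in routes if addr in ipaddress.ip_network(r)]


def diagnose(output, routes):
    """Explain a resolution/connectivity mismatch in terms of split-tunnel routes."""
    resolver, answers = parse_nslookup(output)
    if resolver is None:
        return {"verdict": "no answer", "resolver": None, "unrouted": []}
    unrouted = [a for a in answers if not routes_covering(a, routes)]
    if not answers:
        verdict = "resolver reachable but returned no address"
    elif unrouted:
        verdict = "resolved, but answer not in split-tunnel routes"
    else:
        verdict = "resolved and routed through the tunnel"
    return {
        "verdict": verdict,
        "resolver": resolver,
        "resolver_routed": bool(routes_covering(resolver, routes)),
        "unrouted": unrouted,
    }


if __name__ == "__main__":
    # Paste real nslookup output and the client's pushed routes in place of
    # the constructed samples to check a live client.
    print(diagnose(SAMPLE_NSLOOKUP, SPLIT_TUNNEL_ROUTES))
```

If the verdict is "resolved, but answer not in split-tunnel routes", DNS is fine and the fix is on the routing side: add the AWS subnet holding the answer to the split-tunnel routes and make sure AWS has a return route for the VPN client pool. If the resolver itself is not routed, the query never enters the tunnel, which matches the firewall-policy and return-route checks suggested in the replies above.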