raffaeledp
Explorer III
November 13, 2024
Solved

Something strange happens with DNS server when I use a VPN client

  • November 13, 2024
  • 1 reply
  • 1462 views

Hello everybody, 

I have a Fortigate F60 device (v 7.2.10).

This Fortigate implements a conditional DNS for the Wi-Fi interface.

For some internal domain, I registered some DNS records:

(screenshot: Screenshot 2024-11-13 alle 10.02.07.png)

192.168.1.1 is the router address.

Normally, everything works fine. If I try to ping one of the registered names (for example vpn.xxx.com):

(screenshot: Screenshot 2024-11-13 alle 10.04.23.png)

10.1.0.1 replies to the echo request. 10.1.0.1 is the Fortigate address.

These are my network settings:

(screenshot: Screenshot 2024-11-13 alle 10.05.08.png)

(screenshot: Screenshot 2024-11-13 alle 10.04.56.png)

So far, so good. Now I try to connect via Cisco Secure Client to a VPN.

Regarding network settings, nothing has changed. My address is the same, Router address is the same, DNS address is the same. The interface is the same, so, if I ping the same address as before, I expect 10.1.0.1 to answer (as before), but now:

(screenshot: Screenshot 2024-11-13 alle 10.14.27.png)

79.9.x.x is replying. Who is 79.9.x.x? It is the Fortigate WAN interface:

(screenshot: Screenshot 2024-11-13 alle 10.15.08.png)

And the domain vpn.xxxx.com, if I put it into the browser, is not reachable anymore, because I think DNS is not functioning correctly. What am I missing?

Thank you for your support!


Best answer by pminarik

VPN clients often get a different DNS server IP assigned from their server. Are you sure this is not happening to you when you connect with the Cisco client?

 

Try checking what's your current DNS server. In Windows you can do "nslookup vpn.yourdomain.com" and it will print out both the IP of the DNS server and the resolved IP for that domain. As far as I know, Macbooks should be able to do the same.

1 reply

pminarik (Staff), November 13, 2024: the accepted answer quoted above.

raffaeledp
Explorer III
November 13, 2024

It's correct, I verified with nslookup. These are the results:

In VPN:

raffaeledipascale@MacBook-Pro-DiPascale ~ % nslookup vpn.x.com
Server: 10.20.10.115
Address: 10.20.10.115#53

Non-authoritative answer:
Name: vpn.x.com
Address: 79.9.x.x

raffaeledipascale@MacBook-Pro-DiPascale ~ % nslookup vpn.x.com
Server: 10.1.10.1
Address: 10.1.10.1#53

Name: vpn.x.com
Address: 10.1.0.1
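pminarik's nslookup check, carried through on the two outputs raffaeledp posted in the thread, as an added example that is not code from the thread, from Fortinet or from Cisco: a small POSIX sh script that parses `nslookup` output and reports whether the expected internal resolver answered the query or whether a different resolver (such as one pushed by the VPN client) took over. The expected resolver 10.1.10.1 and the addresses in the two samples are the values posted above; the sample outputs themselves are constructed for the demo, not captured.

```shell
#!/bin/sh
# Added example (not code from the thread, Fortinet or Cisco): parse the output
# of `nslookup NAME` and report whether the answer came from the expected
# internal resolver.  Live usage:  nslookup vpn.example.com | dns_check 10.1.10.1
# The expected resolver 10.1.10.1 and the sample addresses are taken from the
# thread; the two sample outputs are constructed, not captured.

# Print the resolver that nslookup reported on its "Server:" line.
resolver_of() {
    awk '/^Server:/ { print $2; exit }'
}

# Print the resolved address: the "Address:" line that follows "Name:".
# (The first "Address:" line is the resolver itself, with a "#53" port suffix.)
answer_of() {
    awk '/^Name:/ { seen = 1; next } seen && /^Address:/ { print $2; exit }'
}

# dns_check EXPECTED_RESOLVER   (nslookup output on stdin)
# Prints "ok ANSWER" and returns 0 when EXPECTED_RESOLVER answered the query;
# prints "diverted ACTUAL_RESOLVER ANSWER" and returns 1 when some other
# resolver answered instead, which is the symptom seen in this thread.
dns_check() {
    expected=$1
    out=$(cat)
    server=$(printf '%s\n' "$out" | resolver_of)
    answer=$(printf '%s\n' "$out" | answer_of)
    if [ "$server" = "$expected" ]; then
        printf 'ok %s\n' "$answer"
        return 0
    fi
    printf 'diverted %s %s\n' "$server" "$answer"
    return 1
}

# Constructed sample: lookup while the Cisco client is connected.
SAMPLE_VPN='Server: 10.20.10.115
Address: 10.20.10.115#53

Non-authoritative answer:
Name: vpn.x.com
Address: 79.9.x.x'

# Constructed sample: lookup on the Wi-Fi with the VPN disconnected.
SAMPLE_LAN='Server: 10.1.10.1
Address: 10.1.10.1#53

Name: vpn.x.com
Address: 10.1.0.1'

# Stand-alone demo: check both samples against the internal resolver.
for sample in "$SAMPLE_LAN" "$SAMPLE_VPN"; do
    printf '%s\n' "$sample" | dns_check 10.1.10.1 || :
done
```

On a live host, pipe a real `nslookup vpn.x.com` into `dns_check`; a "diverted" result with the VPN connected confirms that the client has replaced the resolver rather than that the Fortigate's DNS entries are wrong. To see the resolver configuration directly, `scutil --dns` on macOS lists the resolvers per interface and `ipconfig /all` on Windows lists the DNS servers per adapter. The parser handles the single-answer shape shown in the thread; Windows `nslookup` prints "Addresses:" when a name has several records, which this script does not special-case.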