Marcos_FDS1012
New Member
November 22, 2024
Solved

VPN IPSec - DNS


I've set up an IPSec VPN between a head office and a branch office, two F60 FortiGates, but we can't access the head office network folders. When I put DNS on the network card it works perfectly; without DNS on the card I can ping and everything. Is there anything I can do so that I don't have to put DNS on the network card?

2 replies

AEK
SuperUser
November 24, 2024

You need to enable split DNS, available only for IKEv2 on the later FOS versions.

https://docs.fortinet.com/document/fortigate/7.2.8/administration-guide/836965/ipsec-split-dns-new

AEK
Marcos_FDS1012
New Member
November 25, 2024

I'm using the site-to-site tunnel. Does this stuff work too?

AEK
SuperUser
November 25, 2024

Oh! In that case I think you should configure your local DNS server to forward the related queries to the remote DNS server.

AEK
mle2802
Staff
Answer
November 25, 2024

Hi @Marcos_FDS1012,

In case FortiGate on this side is doing DHCP, you can specify DNS server as remote side so you do not need to manually specify DNS.

Regards,
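
The DHCP approach from the accepted answer, as an added FortiOS CLI example that is not part of the original thread: the branch FortiGate's existing DHCP server is changed to hand clients the head-office DNS server instead of the FortiGate's default. The DHCP server ID `1` and the address `10.10.0.10` are constructed placeholders, not values from the thread.

```fortios
# Run on the branch FortiGate that serves DHCP to the LAN clients.
# Assumption: the LAN DHCP scope is server ID 1 (check with "show system dhcp server").
config system dhcp server
    edit 1
        # "specific" makes the scope advertise the server listed below
        # instead of the FortiGate's own system DNS settings.
        set dns-service specific
        # Placeholder: IP of the head-office DNS server, reachable through the tunnel.
        set dns-server1 10.10.0.10
    next
end
```

Clients pick up the new server on their next lease renewal. DNS traffic to that address has to be allowed across the tunnel by the phase 2 selectors and firewall policy, and name resolution at the branch then depends on the tunnel being up.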