Description
This article describes DNS issue with FortiClient SSL VPN when IPv6 is enabled on the endpoint network adapter.
Solution
SSL VPN does not support dual stack IPv4/IPv6.
When IPv6 is enabled on the endpoint network adapter. Windows always prefer IPv6 over IPv4.
Using FortiClient xml configuration <block_ipv6>1</block_ipv6>,it is possible that IPv6 traffic to be blocked.
When this setting is 1, FortiClient blocks IPv6 connection.
FortiClient uses only IPv4 connectivity when the SSL VPN tunnel is up.
This article describes DNS issue with FortiClient SSL VPN when IPv6 is enabled on the endpoint network adapter.
Solution
SSL VPN does not support dual stack IPv4/IPv6.
When IPv6 is enabled on the endpoint network adapter. Windows always prefer IPv6 over IPv4.
Using FortiClient xml configuration <block_ipv6>1</block_ipv6>,it is possible that IPv6 traffic to be blocked.
<forticlient_configuration>https://docs.fortinet.com/document/forticlient/6.4.2/xml-reference-guide/858086/ssl-vpn
<vpn>
<sslvpn>
<options>
<block_ipv6>1</block_ipv6>
When this setting is 1, FortiClient blocks IPv6 connection.
FortiClient uses only IPv4 connectivity when the SSL VPN tunnel is up.
Labels: