Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
hhasny
Staff
Staff

Created on ‎04-02-2023 10:08 PM Edited on ‎11-06-2024 02:18 AM By Community Manager

Article Id 250944

Technica; Tip: How to allow SSL VPN users to use FortiGate as DNS server

Description

This article describes how to allow SSL VPN users to use FortiGate as a DNS server.
Scope FortiGate and SSL VPN.
Solution

There are instances where FortiGate is used for internal DNS servers.  To allow SSL VPN users to use FortiGate as a DNS server, it is necessary to configure the ssl.root interface under the DNS Service interfaces.

 

FortiGate DNS Server.PNG

 

In this example, the DNS server IP 10.201.2.129 is the port10 IP address.

 

Ensure that the DNS server IP address is configured within the SSL VPN profile or under SSL VPN settings. There are several methods available for setting the DNS server on the FortiClient system.

Refer to the below article : 

 

SSLVPN DNS IP.PNG

 

Below is the result when nslookup is done for internal and external names:

.

nslookup.PNG
5170
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.