Technical Tip: DNS suffix not showing in FortiClient SSL VPN adapter

nevan · ‎02-01-2025

Description

This article describes why the DNS suffix does not appear in the Fortinet FortiClient SSL VPN adapter in the windows.

Scope

FortiGate, FortiClient, WinOS.

Solution

To configure the DNS suffix:

Once the suffix is configured in both settings and the portal the DNS suffix should appear in the network configuration and will resolve the domains. But the user cannot see it in the 'Connection Specific DNS Suffix' list in the network adapter and also will not be visible once checked by 'ipconfig /all'.

dns suffix.png

Instead of the Connection-Specific DNS Suffix list, it will appear in the Windows IP configuration and the global DNS Suffix Search List.

While the suffixes are in the search list it will always resolve the domains with the suffix and can be tested with PING or NSLOOKUP.

dns suffix 1.png

As the IP of the SSL VPN is distributed by the address group, address lists, or pools there are no options to set the DNS suffix. This is why it does not appear in Connection Specific DNS Suffix.

The Connection Specific DNS Suffix can be obtained with the DHCP server which is shown in the following article: Technical Tip: How to add Connection-specific DNS suffix in DHCP server settings of Fortigate Firewa...

Technical Tip: DNS suffix not showing in FortiClient SSL VPN adapter

You are leaving our website