Description

This article describes the procedure to add multiple dns-suffix in the SSL-VPN settings of the FortiGate unit.

In some situations, multiple dns-suffix needs to be added in SSL-VPN for any reason.

For example, the SSL-VPN client of IOS can not solve the name to access the internal server.
And there might be many domain names of the internal servers.

Scope

FortiGate v6.4.x.

Solution

- Adding of multiple dns-suffix in SSL VPN can be done in 3 patterns as below.

- It can be done via CLI commands in one of the ways.

CLI commands:

The solution to fix the issue:

Pattern 1:

# config vpn ssl settings

     set dns-suffix “test1.com test2.co.uk test3.net”

  end

Pattern 2:

# config vpn ssl settings

     set dns-suffix test1.com;test2.co.uk;test3.net

  end

Pattern 3:

# config vpn ssl settings

     set dns-suffix “test1.com; test2.co.uk; test3.net”

  end