DNS Queries fail on some Windows 10 machines - SSL Tunnel FortiClient VPN.
We have encountered this issue on both FG60E and FG40F.
SSL VPN Settings are set to specify DNS and WINS servers behind the FortiGate.
Portal settings enable split tunneling but DNS split tunneling is disabled.
DNS suffix was configured using:
config vpn ssl settings
    set dns-suffix domain.domain.tld
end
I have received 3 support requests where users are unable to resolve hostnames using ping and remote desktop:
ping hostname.domain.domain.tld fails - could not find host
nslookup hostname.domain.domain.tld successfully resolves IP from DNS server behind FG.
Ping of the IP succeeds.
RDP similarly fails with hostname but succeeds with IP.
This is only happening on select Windows 10 machines. I would like to get to the bottom of it but cannot reproduce it on any of my systems. I was unable to run packet captures on the user's machine to see where the DNS queries were going.