Fortinet Forum
CHR57
New Contributor III

SSL VPN DNS problem

When I connect by SSL-VPN with FortiClient and do an nslookup, I get this DNS timeout:

nslookup ad2.office.local
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 10.300.2.2

Name: ad2.office.local
Address: 10.300.2.3

 

When I do it locally, it answers without any problems:

nslookup ad2.office.local
Server: AD1.office.local
Address: 10.300.2.2

Name: ad2.office.local
Address: 10.300.2.3

 

From the SSL-VPN, I can ping office hosts by DNS name.

Split Tunneling with DNS Split Tunneling is enabled to office.local 10.300.2.2 and 10.300.2.3.

On the SSL client, I have both the office DNS and my local DNS (from ISP).

My SSL-VPN Settings DNS are pointing to my office DNS (10.300.2.2 and 10.300.2.3).

SSL-VPN policy is opened from SSL-VPN to the DNS.

 

FortiOS 6.4.8

FortiClient 7.0.2

 

2 REPLIES
TonyJones
New Contributor

Follow the simple steps here. Hopefully, it will help you.

CHR57
New Contributor III

Solved by turning off DNS splitting.