Hello,
we have a Fortigate v7.0.7 and we dial into the company via vpn from Windows, Mac, Android, iPad, iPhone.
An internal dns server is specified in the ssl vpn settings. There are different zones/domains in our internal DNS.
For example:
myfirma.lo (that's the name from our internal AD)
somethingother.de
test.blubber
...
If we make an vpn-connection (with FortiClient) from Windows, Mac or Android, all these zones/domains can be resolved to ip addresses. I test that with ping or nslookup.
For example:
ping hosta.myfirma.lo
ping hostb.somethingother.de
ping testhost.test.blubber
...
No matter what I take, I get an ip address back everywhere.
From iPad and iPhone (also with FortiClient) just the zone myfirma.lo works. All other zones/domains cannot be resolved.
If I ping, for example
ping testhost.test.blubber
I get "Can't resolve host"
So I think, that's a problem with IOS.
What can I do?
Thank you
Greetings
AlbertMin
Solved! Go to Solution.
The solution is to store DNS suffixes in the SSL VPN settings. Only works via CLI:
config vpn ssl settings
set dns suffix myfirma.lo;somethingother.de
Extra information:
I found out with a packet filter, that no DNS-request are sent into the tunnel, except for the domain myfirma.lo.
And myfirma.lo is, as I said, the name of our internal windows domain.
That can not be a coincidence.
And again, as I mentioned before, this only applies to ios (iPad, iPhone). With Windows/Android/Mac everything works as desired.
Regards.
AlbertMin
The solution is to store DNS suffixes in the SSL VPN settings. Only works via CLI:
config vpn ssl settings
set dns suffix myfirma.lo;somethingother.de
Thanks! Worked for us also :)
hello, I had solved it using this suggested 'workaround', but now that iOS has released version 18, it is happening again in Safari. Has anyone experienced the same problem and found a solution?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.