Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ghani
New Contributor

Created on ‎09-13-2021 03:58 AM

DNS suffix configuration in IPSec phase1-interface

I have a problem that DNS resolution doesn't on my IPsec VPN tunnel. I have seen online that I need to "set domain" in my IPSec phase1-interface configuration. However the command "set domain <domain.xyz>" is not available. I have already enabled mode-cfg. Could you please give me any tips on how can I achieve this? I am using fortogate v6.4. 

1157
0 Kudos
1 REPLY 1
sw2090
Honored Contributor

Created on ‎12-29-2022 11:55 PM

I had issues with DNS not working in IPSec too. The culprit was that I did set DNS Server(s) and also did set the suffix but the DNS mode was still at auto. Since I did set that up in FortiManager that might have been a bug in FMG.

But also that could mean that you have to set the DNS mode on your p1 to "manual" to make the domain option available...

 

hth

Seastian


-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

315
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.