DNS suffix configuration in IPSec phase1-interface
I have a problem that DNS resolution doesn't on my IPsec VPN tunnel. I have seen online that I need to "set domain" in my IPSec phase1-interface configuration. However the command "set domain <domain.xyz>" is not available. I have already enabled mode-cfg. Could you please give me any tips on how can I achieve this? I am using fortogate v6.4.
I had issues with DNS not working in IPSec too. The culprit was that I did set DNS Server(s) and also did set the suffix but the DNS mode was still at auto. Since I did set that up in FortiManager that might have been a bug in FMG.
But also that could mean that you have to set the DNS mode on your p1 to "manual" to make the domain option available...
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.