FortiClient IPSec VPN - DNS Stuck while disconnecting

FAhmad · ‎12-03-2024

Hi

I am observing an issue as DNS entry stuck / not refreshed to default for local network adaptor while disconnects the FortiClient IPSec VPN. Following URL is found over the internet

FortiClient DNS gets stuck : r/fortinet

Resulting, if the user connects another network later, it connects but unable to surfing internet due to wrong DNS entries

It is being observed with 10% users only with following firmware combination:

FortiGate Firmware Version 7.4.5 build 2702 (Mature)

FortiClient Firmware Version 6.0.9.0277

Regards,

FAhmad

adambomb1219 · ‎12-03-2024

Are you pushing DNS entries from the FortiGate? Why such an ancient version of FortiClient????

FAhmad · ‎12-03-2024

Yes, i am pushing one DNS entry from FortiGate. Yes, looking forward to upgrade with 7.4.1

adambomb1219 · ‎12-04-2024

I wouldn't spend too much time troubleshooting until you have upgraded the client.

FAhmad · ‎12-04-2024

Yes, I am on it and will revert on this thread as upgraded

sjoshi · ‎12-03-2024

Hi,

Can you collect ike debug that will show what dns FGT is pushing to the client

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-IPsec-Tunnel-debugging-IKE/ta-p/1900...

Let us know if this helps.
Salon Raj Joshi

FAhmad · ‎12-03-2024

Yes, I am pushing the DNS entry which is being show on client as well. Entry is correct and it works fine however when IPSEC VPN disconnects then both entries (one assigned from FGT & one assigned from local internet medium) didn't remove from local interface card

FortiClient IPSec VPN - DNS Stuck while disconnecting

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website