FortiClient SSL-VPN: local DNS working in desktop PCs but not in mobile devices

bierps · ‎09-01-2022

Hello

I am new to Fortinet but have experience with routing. I believe I am overlooking something simple.

I am facing the problem in the title. VPN is set as split tunnel and all clients should naturally first resolve with the local DNS. As stated above, desktop PCs using FortiClient do this flawlessly but Phones and Tablets can't resolve.

Mobile devices only get to resolve in tunnel-mode, not split-tunnel. Any thoughts?

Thanks!

jhussain_FTNT · ‎09-01-2022

Hi,

Are you facing issue with mobile device is not able to resolve the domain located on your network, if so you configure Split DNS for SSL VPN portals which allows to specify which domains are resolved by the DNS server specified by the VPN, while all other domains are resolved by the DNS specified locally with the below settings.

config vpn ssl web portal
    edit <name>
    # config split-dns
        edit <name>
            set domains "abc.com, cde.com"
            set dns-server1 192.168.1.1
            set dns-server2 192.168.1.2
            set ipv6-dns-server1 xxxxxxxxxxxx
            set ipv6-dns-server2 xxxxxxxxxxxx
        next
    end

kindly refer the below document.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Split-DNS-support-for-SSL-VPN/ta-p/194766

Regards

Jamal

FortiClient SSL-VPN: local DNS working in desktop PCs but not in mobile devices

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website