Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pxiannie
New Contributor III

Created on ‎02-01-2024 01:07 AM Edited on ‎02-01-2024 01:10 AM

How to solve DNS resolve failed problem when connect to SSL VPN?

I'm able to connect to ping my server and access local system last week, but today I tried to connect it shows error DNS resolve failed. I did not make any changes and this error has been solved, why got this error again?  I cant ping my server in command prompt and access the local system now. My current version of FortiClient VPN is 7.2.3.0929, is it because of the updates?

 

Screenshot 2024-02-01 170224.png

Screenshot 2024-02-01 170430.png
Please help. Thanks!

 

FortiClient 
FortiGate 

Labels:
6220
0 Kudos
22 REPLIES 22
hbac
Staff
Staff
In response to pxiannie

Created on ‎02-06-2024 08:14 AM

@pxiannie,

 

Which server name are you trying to ping? Is it a local domain name? You are using public DNS servers. You won't be able to resolve internal domain names. 

 

Regards, 

1589
pxiannie
New Contributor III
In response to hbac

Created on ‎02-06-2024 06:09 PM Edited on ‎02-06-2024 06:11 PM

Hi @hbac ,

Yes I'm trying to ping local domain name. I try to use FortiGuard DDNS also not able to ping. My SSL VPN Setting's DNS server are same as the Dynamically Obtained DNS Servers.
Screenshot 2024-02-07 101047.png

1580
0 Kudos
hbac
Staff
Staff
In response to pxiannie

Created on ‎02-07-2024 07:04 AM

@pxiannie,

 

Are you able to ping public domain name such as google.com, fortinet.com, etc?

 

Regards, 

1544
pxiannie
New Contributor III
In response to hbac

Created on ‎02-07-2024 05:57 PM

Hi @hbac ,

I can ping public domain. My destination set to local lan 192.168.1.0/24 and I can ping some of them like 192.168.1.1 and 192.168.1.2. But some reply from my remote ip address and show destination host unreachable, and also request timed out.

Regards,

1538
0 Kudos
hbac
Staff
Staff
In response to pxiannie

Created on ‎02-08-2024 05:54 AM

@pxiannie

 

You are able to ping public domains which means your DNS is working. I think you cannot ping your local domain name because you are using public DNS servers? which local domain are you trying to ping exactly? 

 

Please note that ping might be blocked by Windows firewall. 

 

Regards, 

1515
0 Kudos
pxiannie
New Contributor III
In response to hbac

Created on ‎02-12-2024 05:16 PM

Hi @hbac ,

I used Dynamically Obtained DNS Servers as my DNS Server in SSL VPN Settings, is that internal DNS server? I would like to ping my server name, which also the ip address in the range of local lan destination address. I cant ping the server when connect to ssl vpn but can ping using local lan, is it blocked by Windows firewall?

Regards,

1464
0 Kudos
hbac
Staff
Staff
In response to pxiannie

Created on ‎02-13-2024 10:24 AM

@pxiannie,

 

No, you cannot resolve internal domain names while using public DNS servers. It will not work. You need to use internal DNS server for SSLVPN settings. 

 

Regards, 

1439
0 Kudos
pxiannie
New Contributor III
In response to hbac

Created on ‎02-13-2024 06:20 PM

Hi @hbac ,

I ady set to internal DNS server but still have DNS resolve failed problem. Is there anything wrong with my ssl vpn network connection? 

This is my network connection details using local internet.
Screenshot 2024-02-14 101128.png

This is my network connection detail after connect to ssl vpn.
Screenshot 2024-02-14 101633.png

Regards,

1421
0 Kudos
hbac
Staff
Staff
In response to pxiannie

Created on ‎02-14-2024 06:34 AM

@pxiannie,

 

You are using 8.8.8.8 which is a public DNS server. It will not resolve your internal domain name. You need to specify your internal DNS server under SSL VPN Settings. 

 

Regards, 

1401
0 Kudos
pxiannie
New Contributor III
In response to hbac

Created on ‎02-14-2024 05:09 PM Edited on ‎02-14-2024 05:15 PM

hi @hbac ,

 

I think my internal DNS server is set to 8.8.8.8 because I check the dns server of local ethernet it is 8.8.8.8 . If not this the internal DNS server can be found in fortigate ?

Screenshot 2024-02-15 090819.png
Regards,

1385
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.