- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Mobile app for VPN
Good morning! I have issue about my mobile vpn for fortigate, it doesn't resolve DNS name. I checked all the settings, everything is fine, the DNS server is specified, but the mobile application does not see them.I can connect by IP address but not by domain name. here is my problem, I ask you to help
- Labels:
-
FortiClient
-
FortiConnect
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Yerlik
May I verify if you want DNS resolution of the private domain?
You may try to configure DNS suffix on SSL VPN or IPSEC VPN.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-set-DNS-suffix-for-VPN-SSL-and-IPse...
**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**
Arnold Dimailig
TAC Engineer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i think you don't understand me, i am talking about when i connect to VPN by ForticlientVPN for mobile I can't reach web resources by DNS name, but with ip adresses it's openning
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Yerlik,
Are you using IPSEC VPN or SSL VPN?
Is split-tunneling enabled or disable?
Does your mobile device get the DNS Server IP after you connect to VPN?
Arnold Dimailig
TAC Engineer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I came accross similar behaviour when on a dial up vpn I did set domain and dns servers but the dns mode wasn't set to manual. DNS mode for whatever reason is not available on gui (except from FortiManager gui) but only on cli.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Yerlik,
Are you referring to SSL or IPsec VPN? After you connected, can you check if the mobile device has the correct DNS server IP address?
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello, i connected via SSL VPN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Also keep in mind that this is split dns. That means when you enable DNS on your VPN you should also enter a domain. Only FQDN related to this domain will be resolved over the VPN DNS.
I still don't understand why this still is not mandatory in FortiOS...
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams