Hello

We have some problems with slow RDP connections when using FortiClient VPN.

Let's say we have laptops added to the Active Directory domain called mydomain.com

We are using only VPN connections as we are remote workers.

We can connect quickly to all severs in the same domain with RDP without any problems.

We have also some other Active Directory domains in our infrastructure, called anotherdomain.com and anotherdomain2.com

They are in different AD forests and DNS conditional forwarding is configured.

The problem is that it is taking approx. 1 minute to connect via RDP to the servers in these different Active Directory domains - this issue only happens if I use FQDN of the server.

If I use IP address the connection is immediate, there is no delay.

When connected to LAN in the office, no problems, no delays...

Interesting part - this problem happens only when using FortiClient VPN version 7.2.5 and higher.

When using FortiClient VPN version 7.2.4 I am getting immediate nslookup reply and instant RDP connection:

> nslookup server.anotherdomain.com
Server: dc.mydomain.com
Address: 10.x.x.10

Non-authoritative answer:
Name: server.anotherdomain.com
Address: 172.17.2.22

When using FortiClient VPN version 7.2.5 or higher, I get following nslookup reply and RDP connection takes approx. 1 minute

> nslookup server.anotherdomain.com
Server: dc.mydomain.com
Address: 10.x.x.10

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Non-authoritative answer:
Name: server.anotherdomain.com
Address: 172.17.2.22

I created a ticket with Forti support a year ago for this issue and so far the only reply I receive is "I will let you know if I receive any updates from Engineering team" :(

Just wondering... Has anyone else seen the problem?

#forticlient