SSL VPN : Assigning different DNS servers to different users / portals

Permalink · ‎03-28-2011

Hi Everyone, Have a bit of an issue. We have a few Fortigate devices which we use for hosting clients etc. All in active/passive mode. For security reasons each client has a different VLAN, subnet, user group SSL VPN portal and SSL VPN range on the Fortigate which corresponds to policies for the correct access for each user group. This all works pretty well except for auto DNS/WINS server assignment via the VPN tunnel. Basically we want to be able to assign different DNS/WINS servers to each SSL VPN portal for the tunnel mode. We have found that a workaround is manually assigning DNS servers on the client end interfaces. This is ok, but not ideal. If anyone has any thoughts, it would be greatly appreciated! Gerard

Permalink · ‎03-28-2011

Are you looking for adding wins and DNS services for the clients? If that, You can specify the WINS or DNS servers that are made available to SSL-VPN clients. 1 Go to VPN > SSL > Config. 2 Select the blue triangle to open the Advanced section. 3 Enter the IP addresses of one or two DNS Servers to be provided for the use of clients. 4 Enter the IP addresses of one or two WINS Servers to be provided for the use of clients.

Permalink · ‎03-28-2011

Hi muhammed, Thank you for writing back but I don' t think you read my post entirely. Those options mean that I must give the same DNS servers to all users who SSL VPN into the Fortigate. I need to provide different DNS details to each SSL VPN portal. Gerard

Permalink · ‎03-28-2011

Ah I see.. Let me check with my FG is there any such option. Thanks,

SSL VPN : Assigning different DNS servers to different users / portals

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website