Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

SSL VPN DNS Search Suffix

Is there any way for a default search suffix to be passed through the FortiGate without any client adapter configuration? For example, if an SSL VPN user wanted to simply type in mailserver instead of mailserver.corp.internal, is there a configuration parameter to do this? I' d really like to avoid doing any client-side DNS configuration because of the sheer volume of people who use the system.
5 REPLIES 5
Not applicable

modify the name local server by adding cname records mailserver CNAME mailserver.corp.internal
support12
New Contributor III

Use wins,, Then you will be able to ping using the name of the machine only.
Not applicable

go to System->Network->Options and set the local domain name. --Ali
TopJimmy
New Contributor

ORIGINAL: ayazdi go to System->Network->Options and set the local domain name. --Ali
that doesn' t work for me either. I just spent the last couple of months getting users off an old Cisco concentrator and onto the SSL VPN (we use tunnel mode only) on the Fortigate. The biggest complaint that they have is now they have to add the domain name to any request because the fortinet SSL pluggin (or client) doesn' t get the DNS suffix from the Fortigate to append to DNS queries.
-TJ
-TJ
support12
New Contributor III

Again Use Wins Windows Name Service. Install Windows Name Service (wins) on the server that is running dns. Configure the dns lookup on wins database. Configure the ssl service on the fortigate and include the wins server ip that will be the same as the dns if you install the service on the same server ( dns + wins) Configure your dhcp server to user wins to register all machine thar request and ip 045 and 046 then when the user try to ping server1 it will reply with the ip assigned. or ping server1.mydomain.local it will reply with the ip assigned too
Labels
Top Kudoed Authors