Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
48sivadm
New Contributor

Created on ‎05-20-2024 08:39 AM

SSL VPN Split DNS configured according to docs but not working.

According to this, only traffic to my domain should be crossing the VPN. 

config vpn ssl web portal
edit Secured-Access
set tunnel-mode enable
set auto-connect enable
set keep-alive enable
set save-password enable
set ip-pools Secured-Pool
set split-tunneling-routing-address Secured-Routing
set forticlient-download-method ssl-vpn
config split-dns
edit 1
set domains Secured-Domain
set dns-server1 My-DNS1
set dns-server2 My-DNS2
next
end
next
end

 

However, I see non-secured domain resolution against my servers. What would be the cause of this? Are there any supplemental configurations that the above referenced technical tip doesn't mention?

Labels:
721
0 Kudos
2 REPLIES 2
AEK
SuperUser
SuperUser

Created on ‎05-20-2024 04:14 PM

Is it FortiClient or FortiClient VPN?

Which FortiClient version?

Which Windows version?

Did you enable split-tunneling?

set split-tunneling enable

 

AEK
AEK
686
48sivadm
New Contributor
In response to AEK

Created on ‎05-21-2024 01:34 PM

 Windows 11 Enterprise 22H2 FortiClient EMS 7.2.3 Forticlient 7.2.4

Windows 11 Pro 23H2 Forticlient VPN Only 7.0.7

Split Tunneling is enabled. If it weren't, I wouldn't be able to browse the internet because the tunnel access is not set for all traffic.

629
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.