If i had a SSLVPN tunnelmode vpn, i can' t contact the Exchange 2010 server via Outlook. I can ping the exchange server / Can make a terminal server connections, but can' t connect my outlook to Exchange.
Any idea ?
I would check your " AutoDiscovery" settings within your Exchange box.
Also check your internal / external urls settings within exchange and make sure the SSLVPN clients can resolve these urls and that they have access to these machines.
Is DNS configured properly for the SSL VPN tunnel on the FortiGate?
We had a similar issue and after we put the correct DNS server IP, which can resolve the address of the exchange server and the issue was resolved.
For FortiOS 4.2 or later, the configuration is on the SSL VPN Settings page under Advanced (DNS and WINS Servers). You can locate the page from the left-hand menu of the FortiGate web interface: VPN -> SSL -> Config
We are having a similar problem with IPSEC VPN. We can resolve the name fine with a ping, but some clients will not connect to Exchange. Even if we place entries in the host file, it will not work....Although we can ping our Exchange server!
The onbe thing I notice too is that the DNS of the local machine connection will kill it sometimes. For example, if you are using Comcast DNS, the query will always resolve thus no causing the machine to use the DNS servers assigned by IPSEC DHCP. The reason it always performs a successful lookup is because Comcast (and other ISP' s) will redirect you to a generic web page even if you type something in the browser like: www.54ghedksgeiksaslfchs.com. No matter what you try to resolve, if the Comcast DNS server does NOT have an answer, it will redirect you to that generic splash page..... However, this seems to mainly be a problem when querying Exchange.... Surely others have this problem?????
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.