Way to set DNS search domains after VPN setup, or push from FortiGate?
I'm running FG 6.2.3 and FortiClient 6.2 and am wanting to push my users a list of several FQDNs to treat as DNS search domains. The problem is the Mac users whose default search domains disappear when connected via FortiClient, and I can't see a way in FG CLI to set more than a primary domain for an IPsec VPN. Also, on the Mac side, given FortiClient does not create an interface in Networking, there doesn't seem to be a way to set search domains that do not get wiped when the VPN connects and resolv.conf is rebuilt.
Unfortunately, in IPsec VPN you can only enter ONE domain.
You can enter up to 4 IPv4 and IPv6 DNS servers.
Also, unfortunately, Fortinet has skipped one important option in the GUI and partly in the CLI (you can set it on the CLI but you don't see it). With this option set to default you will always only get the system DNS pushed, even if you entered your own ones. I have stumbled across this several times now.
Also, the domain option in IPsec is not available in the GUI.
You would have to set it on the CLI:
config vpn ipsec phase1-interface
    edit "<tunnel-name>"
        set ipv4-dns-server1 xxx.xxx.xxx.xxx
        set domain "domain"
        set dns-mode manual
    next
end
to make it work...
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams