Hi,
I have problems with forticlient and windows 10, with both desktop and win10-store versions.
Sample:
nslookup test.domain.com Server: domainController1.domain.com Address: 11.11.1.200
Non-authoritative answer: Address: 212.2.1.2 Aliases: test.domain.com
The problem is that the names are often resolved using my internal DC (domainController1.domain.com ) instead of my fortinet dns server.
Let's say 70% of the time the correct fortinet dns is used, 30% of the time it fails
Can you suggest a solution ?
Hi
Domain PC will use internal DNS and it is as per your DHCP server setting .By Forticlient will not take care of DNS resolutions .
What exactly are you looking ?
Regds,
Ashik
Hi,
The correct behaviour I see in mac and linux is that when forticlient VPN connection is active, the fortinet DNS server is ALWAYS used bypassing the standard DNS given by the DHCP.
Hi
But Domain Windows workstations will query internal DNS first , Mainly use DHCP server listed DNS servers for query .
If you want to change to Different DNS server setting , try configuring manual DNS server details in the network adapter and do nslookup This will try to query mentioned DNS server .
Regds,
Ashik
I'll try to explain my problem more exactly :
I have a server which behaves differently depending if it's reached from outside our company (vpn off) or from inside our company (vpn on).
If it's reached without vpn it gets resolved with a given ip address, while if my vpn is on the url gets resolved with another ip address behaving differently.
What happens with windows is that sometimes when I try to reach the site with my vpn on, the url gets resolved badly like I had no vpn active.
I suspect that windows try to use the dns given by the dhcp first, if it gets resolved it goes on, otherwise it tries with the dns given by the forticlient.
Could this be a metric problem ? Has the forticlient dns alwasy the highest priority ?
Hi
If i undertood your issues correctly , this is your issue
You have server published inside accessed from internet with public url which is fine .
If you want to access same server with SSL VPN gives error or resolved to another IP than server IP is it right ?
Solution :
1. Just check what DNS setting configured on SSL Setting .
2. Check your local DNS server and validate URL and Mapped IP address .
Regds,
Ashik
Hi ,
If your server to resolve same Public DNS IP then just create a record in Local DNS server and point to public IP .
Regds,
Ashik
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2677 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.