New Contributor

no access to device names via vpn

When our users connect via VPN, they can only access servers etc. by IP and not by name. This leads to problems with certain services. The DNS server is entered in the settings. Does anyone have an idea what could be wrong? Or could the problem lie with our DNS server?

Contributor II

Maybe, does the DNS server trust queries from  Do you have a firewall policy which allows DNS to flow to  If you do an nslookup or dig on the client what actual errors do you see?  Can the clients ping the DNS server?  Does the network the DNS server is on have a route to

Honored Contributor

Hm, there is one issue with that: the FortiGate GUI lets you enter custom DNS server(s) for a VPN. For whatever reason the GUI lacks the DNS mode option. So you set custom DNS servers but DNS mode is still set to auto (or similar). You might have to use the CLI to set DNS mode to manual for this VPN to make custom DNS work.

I ran into this on our vpns here too.


"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

New Contributor

Thank you for your answers. I have now tried to change the DNS mode via CLI, but I only get the following message:



Your best option would be to enable split DNS. This way you can specify that domain name lookups for your servers etc. will be done using your internal DNS, and anything else will continue to be done using the client's DNS:


Another thought: are you using FQDN? i.e. or are users just accessing things using the hostname i.e. "host".


You may want to add the dns-suffix to the VPN SSL settings (as referenced in the above doc).