Solution: DNS Issues on iOS Devices w/FortiClient and FortiClient VPN

DNS resolution on iOS devices when VPN'd in via FortiClient or FortiClient VPN fails. Here's how to fix it!

Solution: DNS Issues on iOS Devices w/FortiClient and FortiClient VPN

I have been working on a Fortinet FortiGate deployment recently and encountered a major issue.  While VPNing in from FortiClient or FortiClient VPN on an iOS device (iPhone or iPad), the client was never able to resolve any FQDNs.  DNS servers were set, split-tunnel was enabled (with the correct domains/subnets selected), and the VPN was working with Android devices perfectly.  It was driving me crazy and if you found this page, it might be driving you crazy also.  Fear not - I have found the fix!

For SSL VPNs, execute the following via CLI (this doesn't appear to be in the 6.2 GUI):

config vpn ssl settings
set dns-suffix "example.com;example.net;example.org"

Disconnect your VPN session if you already have one open and re-connect.  You should now be able to resolve hostnames!  It appears that iOS devices require a DNS suffix/suffixes to be provided or else it will not do anything in regards to DNS resolution.  Very strange!


Share Tweet Send
0 Comments
Loading...