FortiGates are fantastic IEDs (Integrated Edge Devices) that are often used as VPN concentrators for remote workers. Their SSL VPN is simple enough to set up, but there is a misunderstanding around DNS that I have encountered a few times now.

The problem occurs when an administrator has configured the FortiGate to use internal DNS servers, such as Active Directory controllers, and those DNS servers have more than one zone. The symptoms are that machines connected via VPN can only resolve names from records in the primary zone. Specifically, this happens when the VPN portal is configured to use split DNS. In most firmware versions, split DNS is enabled by default when split tunneling is selected. Administrators often enter the FQDN for the local directory and the IP addresses of the domain controllers, because this is how most DNS clients work. It isn’t how split DNS on a FortiGate works.