Hot!VPN SSL with split tunnel disabled does not work properly

Author
Alexaders
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/09/23 10:53:27
  • Status: offline
2019/09/23 11:11:42 (permalink)
0

VPN SSL with split tunnel disabled does not work properly

Hi everyone, I have a pretty big problem.
Then I created an SSL VPN with Split tunnel disabled,
the vpn connects and works, but it seems not to resolve the DNS, in fact if I poodle the google 8.8.8.8 dns, I get an "expired request"
In practice I wish that when I connect with the VPN, all traffic must pass through the public IP of the firewall.
So when I'm going to do a "WhatsMyip", I have to get the IP from the firewall and not my public.

I remember that the VPN connects, works and I can also do Google searches, but when I enter any website, it times out. In addition, if I ping with cmd example:

ping google.it

only resolve ipv6 and not ipv4 .
 
my configuration:
 

 

 
DNS Server is DC01 E DC02
 

 
 
 
So when I go to resolve my ip, on any website, it must be 46.44.xx.xx and not my public ip
 
Thank You Guys

Attached Image(s)

#1

5 Replies Related Threads

    orani
    Silver Member
    • Total Posts : 101
    • Scores: 1
    • Reward points: 0
    • Joined: 2019/07/11 12:54:18
    • Location: Athens
    • Status: offline
    Re: VPN SSL with split tunnel disabled does not work properly 2019/09/23 14:31:16 (permalink)
    0
    You need a policy to allow traffic form SSLVPN to wan1 interface and destination all.
    #2
    Alexaders
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/23 10:53:27
    • Status: offline
    Re: VPN SSL with split tunnel disabled does not work properly 2019/09/23 15:35:13 (permalink)
    0
    orani
    You need a policy to allow traffic form SSLVPN to wan1 interface and destination all.


    ok so I should change my policy like this:
     
    Incoming Interface : ssl vpn tunnel interface:
    Outgoing inteferface : WAN1
    destination: all
    ????
    #3
    orani
    Silver Member
    • Total Posts : 101
    • Scores: 1
    • Reward points: 0
    • Joined: 2019/07/11 12:54:18
    • Location: Athens
    • Status: offline
    Re: VPN SSL with split tunnel disabled does not work properly 2019/09/23 20:42:40 (permalink)
    0
    No. Do not change the policy you posted above. Create a new one with
     
    incoming interface: sslvpn
    outgoing interface: wan1
    source: same as at your previous rule
    destination: all
    nat: enabled
    #4
    Alexaders
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/23 10:53:27
    • Status: offline
    Re: VPN SSL with split tunnel disabled does not work properly 2019/09/24 00:35:21 (permalink)
    0
    not working
     


     
     

    as you can see, I can do searches on google, but it seems that it does not risk pinging the dns, also it does not resolve the websites in ipv4.
    Where am I doing wrong?
    post edited by Alexaders - 2019/09/24 00:36:36
    #5
    orani
    Silver Member
    • Total Posts : 101
    • Scores: 1
    • Reward points: 0
    • Joined: 2019/07/11 12:54:18
    • Location: Athens
    • Status: offline
    Re: VPN SSL with split tunnel disabled does not work properly 2019/09/24 12:54:07 (permalink)
    0
    This might be a dns issue and not a fortigate configuration issue
    #6
    Jump to:
    © 2019 APG vNext Commercial Version 5.5