Recently had a customer complain that he cannot access documents on his file server when connected via SSL VPN. Closer inspection showed that the customer was trying to access the fileserver by hostname “\\fileserver” as opposed to “\\fileserver.corp.local”.
The fix seemed to be simple, implement a DNS search suffix. Unfortunately there is no such option in the GUI, so I had to set it via command-line.
Set DNS search suffix using CLI
config vpn ssl settings
set dns-suffix corp.local
Set Client DNS Server in the GUI
Navigate to VPN –> SSL –> Settings –> Tunnel Mode Client Settings. Specify the DNS Server setting and enter the IP addresses of your corporate DNS servers.
Your Fortigate will now append the “corp.local” suffix to all non-qualified hostnames. This was tested on FortiOS 5.06, 5.07 and 5.2