IPSec tunnel between FortiGate and iPhone / iOS - Works except for DNS / WINS

Posted by user57988 on Server Fault
Published on 2010-10-22T20:41:40Z Indexed on 2011/11/11 17:58 UTC

I have configured my FortiGate with a new VPN IPSec tunnel to allow the iOS Cisco client to connect. That works fine. I can RDP to my servers, browse to my servers via IP address, etc.

But, the iPhone does not resolve my internal IP addresses. I have added the DNS servers that serve addresses for my internal users, as well as the WINS servers, but the iPhone acts like it doesn't see them at all.

config vpn ipsec phase1-interface
    edit "iPhone_VPN"
        set type dynamic
        set interface "wan1"
        set dhgrp 2
        set proposal 3des-sha1 3des-md5
        set xauthtype auto
        set mode-cfg enable
        set authusrgrp "iPhone_VPN_Users"
        set ipv4-start-ip 10.10.99.100
        set ipv4-end-ip 10.10.99.199
        set ipv4-netmask 255.255.0.0
        set ipv4-dns-server1 10.10.2.1
        set ipv4-dns-server2 10.22.1.80
        set ipv4-wins-server1 10.10.2.1
        set ipv4-wins-server2 10.22.1.80
        set ipv4-split-include "Dialup_VPN_Networks"
        set psksecret ENC xxxxx
    next
end

For whatever reason, as far as I can tell, the iPhone does not 'see' the DNS or WINS entries. I don't know how to check it...

© Server Fault or respective owner
