Set DNS suffix on FortiClient VPN

When setting up a FortiClient VPN, we need to specify the domain name in the CLI so that a client can resolve the NetBIOS names of servers or other devices to IP addresses through DNS.

For example, a client is trying to access a file share on server AGHADS01 without typing in the fully qualified domain name. Over the FortiClient VPN the server name would not resolve, as broadcasts are not forwarded.

To resolve this, we can add the domain name to be handed to the client when connecting via FortiClient. For the above example, to have the client connect to the server belonging to the mycompany.local domain, we can do the following (FortiClient on the edit line is the FortiClient tunnel name):

config vpn ipsec phase1-interface
    edit FortiClient
        set domain mycompany.local
    next
end

To verify, we can use:

show vpn ipsec phase1-interface <tunnelname>
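
When a FortiGate carries several dial-up tunnels, the same check can be run over saved `show vpn ipsec phase1-interface` output to list tunnels that hand out no DNS suffix. This is an added example, not part of the original post; the sample output is constructed, and the second tunnel name and the function names are hypothetical.

```python
import re

# Constructed sample of `show vpn ipsec phase1-interface` output (not from a real device).
SAMPLE = '''\
config vpn ipsec phase1-interface
    edit "FortiClient"
        set type dynamic
        set interface "wan1"
        set mode-cfg enable
        set domain "mycompany.local"
    next
    edit "FortiClient-Guests"
        set type dynamic
        set interface "wan1"
        set mode-cfg enable
    next
end
'''

def tunnel_domains(show_output):
    """Map each phase1-interface tunnel name to its `set domain` value (None if unset)."""
    domains, current, depth = {}, None, 0
    for raw in show_output.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            depth += 1            # depth 1 is the phase1-interface table, deeper is a sub-table
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            current = line[5:].strip().strip('"')
            domains[current] = None
        elif depth == 1 and line == "next":
            current = None
        elif depth == 1 and current:
            m = re.match(r'set domain\s+"?([^"\s]+)"?$', line)
            if m:
                domains[current] = m.group(1)
    return domains

def missing_suffix(show_output):
    """Tunnel names that have no `set domain` line, sorted."""
    return sorted(n for n, d in tunnel_domains(show_output).items() if d is None)

if __name__ == "__main__":
    for name, dom in tunnel_domains(SAMPLE).items():
        print(f"{name}: {dom or 'NO DNS SUFFIX'}")
```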
