How do I manually configure the DNS server and suffix settings for IKEv2 and L2TP connections in Windows?
In Fireware v12.2.1 or higher, you can select to:
If you configure the Firebox not to assign DNS servers to mobile clients, you must manually configure DNS servers in the mobile client settings.
Domain Name Suffix
You cannot specify a domain name suffix in the Mobile VPN with IKEv2 or Mobile VPN with L2TP settings on the Firebox. IKEv2 and L2TP VPN clients do not use the domain name configured in the Firebox network DNS settings as a suffix.
If the mobile client must resolve local host names through the VPN, you must manually configure a suffix in the mobile client settings.
When you configure a DNS suffix, the mobile client adds the suffix to all DNS requests. If there is no response to the first DNS request, the client sends another DNS request without the suffix. For instance, if a client tries to browse to hostname, and the DNS suffix is example.net, the mobile client first tries to resolve hostname.example.net.
Manually Configure DNS Server and Suffix Settings for Windows VPN Connections
To configure DNS server addresses and a DNS suffix for a Windows IKEv2 or L2TP connection:
See AlsoConfigure DNS and WINS Servers for Mobile VPN with L2TP in Fireware Help
Configure DNS and WINS Servers for Mobile VPN with IKEv2 in Fireware Help