Hi,
I am incountering a problem with our Fortclient VPN. When i am connected, loading an internet page is very slow the first time. After that, evry page inside that specidic domain is snappy. There is a 4-5 sec lag before the browser start loading. It’s like it’s waiting for an authorisation to load the page.
This is not an internet speed problem. I did a speed test and it’s very satisfactory. Any idea?
Hi Phil,
It really sounds like a DNS problem. Especially after connecting to the domain it remains snappy.
Did you check if the provided DNS servers are reachable? Otherwise it will fall back to another DNS server which can take a few seconds. use nslookup to check, assuming you are on Windows.
What does wireshark tell ya ? If it’s a few seconds just capture on the end point and see what’s dying ?
DNS request timed out.
Timeout was 2 seconds.
Our IT guy is a contractor. Is this something that has to fixed on their side or is can it be fixed on the laptop locally?
Either there’s a problem with the DNS server causing this issue or the fix would be to configure the Fortigate correctly to allow traffic to the Fortigate supplied DNS server (usually an Active Directory server). Maybe there’s no policy to allow a connection to the on premise DNS server and when that fails it uses the DNS server originally configured on the laptop (usually by DHCP).
As a temporary workaround you could configure the original DNS server supplied by DHCP (without FortiClient connected) after FortiClient is connected by removing the extra DNS servers that were added to all online Network interfaces. Also note that this does not make internal domain names available as that requires the internal DNS server which is not reachable at this time.
Please check after disconnecting that this is set back to the previous value(s), otherwise DNS is borked on the laptop and DNS resolution fails, even when disconnected on the FortiClient.