Using FortiGate as a DNS Server


How to use a FortiGate as a recursive DNS server

This tutorial describes how to create a non-authoritative primary recursive DNS server for the local network using a FortiGate. The interface mode is set to recursive so that, if the request cannot be fulfilled, the external DNS forwarders are queried.

Note. FortiGate as a DNS server also supports TLS and HTTPS connections to a DNS client.

To enable DNS server options in the GUI

  • Go to System > Feature Visibility.
  • Enable DNS Database in the Additional Features section.
  • Click Apply.

To configure FortiGate as a primary DNS server

To configure FortiGate as a primary DNS server in the GUI
  • Go to Network > DNS Servers.
  • In the DNS Database table, click Create New.
  • Set Type to Primary.
  • Set View to Shadow.
    If Shadow is selected, only internal users can use it.
  • Enter a DNS Zone.
  • Enter the Domain Name of the zone.
  • Enter the Hostname of the DNS server.
  • Enter the Contact Email Address for the administrator.
  • Disable Authoritative.

Create new DNS entries

  • In the DNS Entries table, click Create New.
  • Choose Type Address (A).
  • Enter the Hostname.
  • Enter the IP Address.
  • Set TTL to Use Zone TTL.
  • Enable Status.
  • Click OK.

Enable DNS services on an interface


  • In the DNS Service on Interface table, click Create New.
  • Select the Interface for the DNS server, such as LAN.
  • Set the Mode to Recursive.
  • Click OK.
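
The same GUI procedure expressed as FortiOS CLI, as an added example that is not part of the original tutorial. The zone name, domain, hostnames, IP address, contact address and the interface name `lan` are constructed placeholders; substitute your own values.

```fortios
# Make the DNS Database pages visible in the GUI (System > Feature Visibility).
config system settings
    set gui-dns-database enable
end

# Primary, non-authoritative zone in the shadow view (internal users only).
# Older FortiOS releases name this type "master" instead of "primary".
config system dns-database
    edit "lab-zone"
        set domain "example.internal"
        set type primary
        set view shadow
        set primary-name "dns"
        set contact "admin@example.internal"
        set authoritative disable
        config dns-entry
            edit 1
                set status enable
                set type A
                set hostname "fileserver"
                set ip 192.168.1.10
                # ttl 0 corresponds to "Use Zone TTL" in the GUI.
                set ttl 0
            next
        end
    next
end

# Attach the DNS service to the internal interface only. Recursive mode on an
# Internet-facing interface would turn the FortiGate into an open resolver.
config system dns-server
    edit "lan"
        set mode recursive
    next
end
```

Running `show system dns-database` and `show system dns-server` afterwards displays the resulting configuration for review.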

A few words about Fortinet FortiGate

Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception.

FortiGate is an innovative line of firewalls that aims to protect organizations from all types of web-based network threats. The firewalls come in a wide variety of product types, sizes and form factors, and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
