B1202
New Member
October 20, 2017
Question

FortiGate - DNS

  • 1 reply
  • 5125 views

Hello,

I would like my FortiGate firewall to resolve internal IPs. In looking at the Network > DNS settings, I see it's set to "Use FortiGuard" and there is a message stating "Connected to FortiGuard / Web Filtering Licensed."

In order for these services (FortiGuard and WebFilter) to function, do I have to use the FortiGuard DNS servers? I already have web filtering configured and using SSO. It's been working wonderfully, so I don't want to disrupt that. I am on 5.4.5, if that matters. I am in a Windows 2012R2 domain environment with internal DNS servers. I am also using a FortiAnalyzer, which I was able to point to internal DNS servers, and it is resolving names when in "FortiView"; however, it is not resolving when looking at "LogView". I entered the command via CLI on the FAZ to enable resolving.

Thanks for your help.

1 reply

EMES
New Member
October 20, 2017
You will be okay to change to internal DNS. It's not required to use FortiGuard DNS for those services.
B1202
Author
New Member
October 20, 2017

Thank you for the information. I made the change and see some sources are being resolved; however, some are not that should be, as they are resolvable at the internal DNS server being used. Also, this is only true within FortiView > Sources and not in "forward logs" or "all sessions". Do I have this set up correctly, or am I missing something?