Rider
New Member
September 9, 2021
Question

Fortigate DNS Server reverse lookup

  • September 9, 2021
  • 3 replies
  • 12020 views

Hi,

my Fortigate is acting as a DNS server with static entries. However, a reverse lookup (IP to name) on a client which has the Fortigate configured as its DNS server gives no result.

Is there an additional setting which has to be configured for DNS reverse lookup?

Kind Regards,

 Juergen

    3 replies

    ede_pfau
    SuperUser
    September 9, 2021

    In short (as I am on holidays and not at my desk):

    1- You need to create an additional zone, aptly named like a reverse zone.

    2- Populate it with PTR records instead of A records.

    Then the FGT will do reverse lookups. It is clumsy, and PTR records are not created automatically, but it works.

    jpveen
    New Member
    September 17, 2021

    Did you configure PTR records for every A record you want the reverse lookup to work for? That's required to get reverse lookups working as far as I know.

    rik-e
    New Member
    April 13, 2022

    Hi Juergen,

    are you using an Active Directory by any chance?

    If so, you could forward these requests to the domain DNS servers.

    I did it this way and it works fine:

    config system dns-database
        edit "10.in-addr.arpa"
            set domain "10.in-addr.arpa"
            set ttl 28800
            set authoritative disable
            # [DC1] / [DC2]: the IP addresses of the domain controllers
            set forwarder "[DC1]" "[DC2]"
        next
    end

    This way every PTR request for IPs of 10.0.0.0/8 gets forwarded.
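As an added example (not posted by anyone in this thread and not FortiGate code), the following Python helper covers both approaches above: the hosted reverse zone with one PTR per A record that ede_pfau and jpveen describe, and the zone naming behind rik-e's forwarding entry. It computes the in-addr.arpa zone for an octet-aligned prefix (10.0.0.0/8 gives 10.in-addr.arpa, as in the reply), derives PTR entries from a forward record table, renders a FortiOS-style `config system dns-database` stanza, and reports A records whose PTR is missing or points at a different name. The `corp.example` hostnames, their addresses and the `ptr_table` that a reverse server currently answers are constructed sample data; the CLI keywords follow the FortiOS 7.x CLI reference as I know it, so compare them with your firmware's syntax before pasting.

```python
"""Build and check an in-addr.arpa reverse zone from forward (A) records.

Added example, not from the thread. Sample hosts/IPs are constructed.
"""
import ipaddress
from typing import Dict, List, Optional, Tuple

# Constructed sample forward (A) records, hostname -> IPv4, standing in for
# the static entries the FortiGate already serves in its forward zone.
A_RECORDS: Dict[str, str] = {
    "dc1.corp.example": "10.1.0.10",
    "dc2.corp.example": "10.1.0.11",
    "fw.corp.example": "10.1.0.1",
    "printer.corp.example": "10.2.5.20",
}


def reverse_zone_for(network: str) -> str:
    """in-addr.arpa zone covering an octet-aligned IPv4 network.

    10.0.0.0/8 -> 10.in-addr.arpa, 192.168.1.0/24 -> 1.168.192.in-addr.arpa.
    Other prefix lengths raise: they do not map onto one zone name and
    need classless (RFC 2317-style) delegation instead.
    """
    net = ipaddress.ip_network(network, strict=True)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError(f"{network}: only IPv4 /8, /16 or /24 map to one zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def ptr_records(a_records: Dict[str, str], network: str) -> List[Tuple[str, str, str]]:
    """(ip, ptr_owner_name, hostname) for each A record inside `network`, sorted by IP."""
    net = ipaddress.ip_network(network, strict=True)
    rows = []
    for host, ip in a_records.items():
        addr = ipaddress.ip_address(ip)
        if addr in net:
            # reverse_pointer yields e.g. "10.0.1.10.in-addr.arpa" for 10.1.0.10
            rows.append((str(addr), addr.reverse_pointer, host))
    return sorted(rows, key=lambda r: ipaddress.ip_address(r[0]))


def render_fortios_zone(zone: str, records: List[Tuple[str, str, str]], ttl: int = 28800) -> str:
    """FortiOS-style CLI stanza defining `zone` with one PTR entry per record.

    Keyword names follow the FortiOS 7.x CLI reference ("primary" replaced
    "master" in 7.0). A PTR entry is stored as the IP plus the hostname it
    should resolve to; the owner label is derived by the firewall.
    """
    lines = [
        "config system dns-database",
        f'    edit "{zone}"',
        f'        set domain "{zone}"',
        "        set type primary",
        "        set view shadow",
        f"        set ttl {ttl}",
        "        set authoritative enable",
        "        config dns-entry",
    ]
    for idx, (ip, _owner, host) in enumerate(records, start=1):
        lines += [
            f"            edit {idx}",
            "                set type PTR",
            f"                set ip {ip}",
            f'                set hostname "{host}"',
            "            next",
        ]
    lines += ["        end", "    next", "end"]
    return "\n".join(lines)


def check_consistency(
    a_records: Dict[str, str], ptr_table: Dict[str, str], network: str
) -> List[Tuple[str, str, Optional[str]]]:
    """IPs in `network` whose PTR is missing or names a different host.

    `ptr_table` maps IP -> hostname as the reverse zone currently answers
    (assumed input, e.g. collected from the firewall config or by querying it).
    Returns (ip, expected_host, actual_host_or_None), sorted by IP.
    """
    problems = []
    for ip, _owner, host in ptr_records(a_records, network):
        actual = ptr_table.get(ip)
        if actual != host:
            problems.append((ip, host, actual))
    return problems


if __name__ == "__main__":
    zone = reverse_zone_for("10.0.0.0/8")
    print(render_fortios_zone(zone, ptr_records(A_RECORDS, "10.0.0.0/8")))
```

Running the block prints the stanza for 10.0.0.0/8. The consistency check is the part worth keeping around: because the FGT does not generate PTRs itself, any A record added later leaves reverse resolution for that host broken until its PTR is added as well, and diffing the forward table against what the reverse zone answers catches that.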