FortiGuard DNS problems: "no available Fortiguard SDNS servers" & "A rating error occurs"
We're noticing this problem across multiple clients this morning. Any users using Internet access policies with a DNS Filter profile enabled are blocked from accessing the Internet. The DNS Query logs show constant failures with:
[ul]The FortiGuard page shows two green "check" status indicators and "diag debug rating" doesn't show any obvious errors.
This is not a config problem. This has happened simultaneously across multiple FortiGates with known good working configs and no recent config changes. Changing the FortiGuard protocol and port between UDP and HTTPS, 53, 443 and 8888 doesn't seem to make a difference. The only solution is to either remove the DNS Filter profile from the policies or set "Allow DNS requests when a rating error occurs" to enabled in the DNS Filter profiles - then traffic starts flowing again.
This seems pretty clearly to be a back-end FortiGuard DNS problem. Anyone else seeing this? Any official acknowledgement of any FortiGuard DNS problems?
Russ
NSE7