patrickwilson82
New Member
September 14, 2018
Question

Guest SSID DNS not working


I have a FortiAP connected to my FortiGate that has two SSIDs, an internal SSID and a Guest SSID. They were both set with my primary DNS server as their DNS server. Both the internal SSID and the internal LAN are working with no issues. Out of nowhere my DNS stopped working on the Guest SSID. The rep at Fortinet Support suggested I just use Google DNS for the DNS server on my SSID. Is this really an acceptable alternative? Is there anything I need to check for to try to get it working with my primary DNS? Nothing out of the ordinary is in event viewer under DNS. Thanks.


    wanglei_FTNT
    Staff
    September 14, 2018

    You should be able to use your primary DNS server for both your internal and guest network.

    Can you give a little bit more info on this?

    1) Can a client connected to the guest SSID get the right DNS server? Most likely yes, but please do double-check.

    2) Can the client ping the DNS server? If not, is there any particular firewall rule etc. to disallow this?

    3) If the client can ping but couldn't resolve domain names, you can check on the FGT to see whether DNS traffic has hit the FGT and been routed correctly.
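
An added example, not part of any post in this thread: a client-side probe for checks 2) and 3) above that sends one DNS query over UDP/53 straight to the server the guest client was handed and reports whether a reply, an error, or nothing came back. The default server address `192.0.2.53` and the test name `example.com` are placeholders chosen for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234):
    """Build a minimal DNS query: one question, type A, class IN, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def classify_reply(data, txid=0x1234):
    """Interpret a raw DNS reply as (verdict, rcode name, answer count)."""
    if len(data) < 12:
        return ("malformed", None, 0)
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID, or QR bit says "query"
        return ("unexpected", None, 0)
    rcode = RCODES.get(flags & 0x000F, str(flags & 0x000F))
    ok = rcode == "NOERROR" and ancount > 0
    return ("resolved" if ok else "replied-unresolved", rcode, ancount)

def probe(server, name="example.com", timeout=3.0):
    """Send one query directly to `server` and classify the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, 53))
            s.send(build_query(name))
            return classify_reply(s.recv(512))
        except socket.timeout:
            # Silence: the query or its reply was dropped somewhere on the path
            # (no allow policy, missing route, host firewall on the DNS server).
            return ("no-reply", None, 0)
        except OSError as exc:
            # e.g. an ICMP unreachable surfaced by the connected UDP socket
            return ("unreachable", str(exc), 0)

if __name__ == "__main__":
    import sys
    # 192.0.2.53 is a documentation-range placeholder; pass the real server.
    print(probe(sys.argv[1] if len(sys.argv) > 1 else "192.0.2.53"))
```

A `no-reply` result from the guest SSID alongside `resolved` from the internal LAN points at the path between the two networks rather than at the DNS service itself.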

     

     

    patrickwilson82
    New Member
    September 14, 2018

    When I do an ipconfig /all it does show that it's getting my DNS server. Client cannot ping the DNS server, and there is no rule set up to block this.

    wanglei_FTNT
    Staff
    September 14, 2018

    There are too many possibilities and I think our support should be able to help you narrow it down. Even if you don't have a rule to block it, you might need a rule to allow the access from your guest network to the DNS server network, depending on your config. If it worked before and you haven't done any config/code change, it might not be configuration related.

    rwpatterson
    New Member
    September 14, 2018

    Perhaps a reboot is in order. It's a simple thing to do. It may do nothing, but you'll find out in two minutes as opposed to banging your head against the wall. Sometimes if the unit has been up for a really long time (<200 days or so), this may do some good. An upgrade at the same time may not be a bad idea while you're at it.