ncssadmin
New Member
May 25, 2022
Question

redirect dns traffic from inside subnet to external dns


I want to redirect DNS traffic from the subnet (inside 10.200.180.0/24) to DNS (outside 184.72.238.58). If a client on the 10.200.180.0 network changes their DNS on their machine to any address like 8.8.8.8, I want that DNS packet to be redirected to 184.72.238.58.

 

NEXT

I want to redirect DNS traffic from the subnet (inside 10.200.40.0/24) to DNS (outside 184.222.222.58). If a client on the 10.200.40.0 network changes their DNS on their machine to any address like 8.8.8.8, I want that DNS packet to be redirected to 184.222.222.58.

 

LAST

If the machine is on the 10.200.10.0/24 subnet, I want that DNS to go wherever that client's DNS is set. I don't care if it is 8.8.8.8, 4.4.4.4, X.X.X.X; just let it go.

 

This works on our ASA, but I am new to FortiGate and have trouble finding a solution. If you can show an example, that would be extremely helpful.

 

Thanks

1 reply

Yurisk
SuperUser
May 26, 2022

I haven't tested it, but this one should work:

 

  1. Create a VIP with the external address set to 0.0.0.0 and a filter for the DNS service.
  2. Use it in the LAN -> WAN direction security rule.

Here port2 is LAN, port1 is WAN, and LAN_10.17. is the LAN address. Update us on how it goes.

 

[Screenshot: VIP for DNS service (fortinet-forum-vip1.png)]
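The same two-step recipe (a VIP whose external IP is 0.0.0.0, used as the destination of a LAN -> WAN policy) written out as FortiOS CLI, as an added example that is not part of the original reply or the poster's configuration. It takes the subnets and DNS server addresses from the question and the port2 = LAN / port1 = WAN naming from the reply; the address, VIP and policy names are assumed. Because a port-forwarding VIP carries a single protocol, UDP/53 and TCP/53 each get their own VIP, and the per-subnet `src-filter` is what keeps 10.200.180.0/24 and 10.200.40.0/24 on different resolvers. The 10.200.10.0/24 subnet needs nothing at all: it matches no `src-filter`, so its DNS traffic falls through to the ordinary outbound policy and goes wherever the client pointed it.

```text
# Added example, not from the original thread. Assumes port2 = LAN, port1 = WAN,
# and the object names below; subnets and resolver IPs are the ones in the question.

config firewall address
    edit "LAN_10.200.180.0"
        set subnet 10.200.180.0 255.255.255.0
    next
    edit "LAN_10.200.40.0"
        set subnet 10.200.40.0 255.255.255.0
    next
end

# extip 0.0.0.0 means "any destination". The DNAT only applies to packets that
# arrive on port2 from the src-filter subnet and hit port 53.
config firewall vip
    edit "VIP_DNS_180_udp"
        set extintf "port2"
        set extip 0.0.0.0
        set mappedip "184.72.238.58"
        set src-filter "10.200.180.0/24"
        set portforward enable
        set protocol udp
        set extport 53
        set mappedport 53
    next
    edit "VIP_DNS_180_tcp"
        set extintf "port2"
        set extip 0.0.0.0
        set mappedip "184.72.238.58"
        set src-filter "10.200.180.0/24"
        set portforward enable
        set protocol tcp
        set extport 53
        set mappedport 53
    next
    edit "VIP_DNS_40_udp"
        set extintf "port2"
        set extip 0.0.0.0
        set mappedip "184.222.222.58"
        set src-filter "10.200.40.0/24"
        set portforward enable
        set protocol udp
        set extport 53
        set mappedport 53
    next
    edit "VIP_DNS_40_tcp"
        set extintf "port2"
        set extip 0.0.0.0
        set mappedip "184.222.222.58"
        set src-filter "10.200.40.0/24"
        set portforward enable
        set protocol tcp
        set extport 53
        set mappedport 53
    next
end

# One LAN -> WAN policy per subnet with the VIPs as destination. "edit 0" takes
# the next free policy ID; "nat enable" source-NATs to port1 so replies come back.
config firewall policy
    edit 0
        set name "DNS-redirect-10.200.180.0"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "LAN_10.200.180.0"
        set dstaddr "VIP_DNS_180_udp" "VIP_DNS_180_tcp"
        set action accept
        set schedule "always"
        set service "DNS"
        set nat enable
    next
    edit 0
        set name "DNS-redirect-10.200.40.0"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "LAN_10.200.40.0"
        set dstaddr "VIP_DNS_40_udp" "VIP_DNS_40_tcp"
        set action accept
        set schedule "always"
        set service "DNS"
        set nat enable
    next
end
```

Two things to check after applying it. Policies are matched top-down, so the two redirect policies must sit above the general LAN -> WAN rule (use `move <id> before <id>` inside `config firewall policy`, or drag them in the GUI); if they end up below it, the general rule wins and nothing is redirected. And this only catches plain DNS on port 53: a client that switches to DNS over HTTPS (443) or DNS over TLS (853) is not touched by these VIPs and would need a separate policy if you want to block or redirect it.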