Help
FortiADC
FortiADC enhances the scalability, performance, and security of your applications whether they are hosted on premises or in the cloud.
gsharma
Staff
Staff

Created on ‎10-30-2023 11:00 PM Edited on ‎10-30-2023 11:02 PM By Staff

Article Id 282002

Technical Tip: DNS policy for internal users query

Description This Article describes how to configure DNS policy for internal users.
Scope FortiADC-VM, FortiADC.
Solution

If there is a requirement to set up the DNS policy for internal users, their request will only be listened by the interface which is internal.

 

DNS policy has to be configured in such a way that in the source, it can include the internal LAN segment address group, and in a destination, it is possible to specify the same LAN segment or the Internal interface IP address as well.

 

Follow the below steps:

 

  • Go to Global Load Balance -> Zone tools -> Address group.

 

address group.JPG

 

  • After configuring the address group go to Zone and select 'Create new'.

 

zoneinternal.JPG

 

  •  Call this Zone list in the DNS policy:
 

DNSpol.JPG

 

Note:

Enable the Recursion, the DNS server will then attempt all checks to answer the query. If Disabled DNS server will return a referral response.

 

Related document: 

Configuring a Global DNS policy
464
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.