FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 307513
Description This article describes how to troubleshoot if the DHCP clients are going to a different DNS server than the one configured in the System DNS of FortiGate.
Scope FortiGate v7.0+

Check if there is a specific DNS server configured in the DHCP server under Network-> Interfaces. Select the interface that has the DHCP server setup, select 'Edit', go to the DHCP server setting and make sure DNS Server is set to ‘Same as System DNS’:




Check all FortiGate interfaces that are configured to have DHCP Addressing mode. In the interface settings, make sure ‘Override internal DNS’ is disabled:




If this setting is enabled, FortiGate will use the DNS server retrieved from this interface rather than what is specified in the DNS setting on FortiGate.

After this, the DHCP clients should go to the DNS server configured on FortiGate DNS settings.