FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
In some cases, the network is not working due to DNS is down or intermittence. DNS responsible to resolve domain/URL to IP address.
If the DNS unable to resolve, the domain will not reachable.

This article will assist on the DNS troubleshooting.


There are 3 scenarios for the DNS issue in the network:

1)Fortigate is DNS server.
- PC will use Fortigate interface as DNS server.

2) PC is using local DNS server.
- PC will directly use local DNS server in the network.

3) PC is using public DNS server.
- PC will directly use public DNS such as,

This troubleshooting will focus on Windows machine.
Open command prompt. And run below command:
Ping <----- Any domain which is not working.

Ping to is to verify internet connectivity.
-If PC able to ping means internet connectivity is working fine.

Ping to is to verify DNS resolution.
-If PC able to ping but not, means the DNS is not working.

Basically, Windows(or any machine) will not able to resolve domain on this condition:
- No Preferred/Alternate DNS Server is configured.
- DNS server is not reachable.
- DNS server did not respond to the DNS query.
- DNS server doe not have the DNS record.

Firstly, Lets check on the Windows configuration as below picture.

Current adapter is using as Preferred DNS server. is a public DNS that will resolve public domain/URL.

This public DNS cannot resolve local URL/domain name.

Ping syarif-pc
Because this URL/domain only introduced internally.
Public DNS like will not have this information.

However, can resolve below address:
To check if the DNS is working or not, change the Preferred DNS server on the Windows machine and do domain ping test.
If the internal DNS server did not respond to the request, please check on that DNS server.

To have further assistance, contact Fortinet support


DNS resolution is depend on DNS server database.
If DNS server able to provide the information, it will give the information to the client.

In this scenario is Windows machine.