Description

This article describes how to add a bare domain (a domain without a subdomain). An example of a bare domain is 'nat.local'.

Scope

FortiGate.

Solution

1. Configure DNS Database on FortiGate.

Technical Tip: Different options of configuring DNS server on FortiGate

2. Add an entry on a specific zone that was created in step 1.

   GUI:
   Network -> DNS Servers -> DNS Database -> Select Zone -> Edit -> DNS Entries -> Create New.
   
   

   

    

   Enter '@' in the Hostname field and IP address in the IP Address field -> Select OK -> Select OK.
   
   

   

    

   CLI:
   
   

   config system dns-database
       edit "NAT"
           set domain "nat.local"
           set authoritative disable
               config dns-entry
                   edit 1
                       set hostname "@"
                       set ip 10.218.0.18
                   next
               end
       next
   end

    

   exec ping nat.local
   PING nat.local (10.218.0.18): 56 data bytes
   64 bytes from 10.218.0.18: icmp_seq=0 ttl=128 time=0.6 ms
   64 bytes from 10.218.0.18: icmp_seq=1 ttl=128 time=0.5 ms
   64 bytes from 10.218.0.18: icmp_seq=2 ttl=128 time=0.5 ms
   64 bytes from 10.218.0.18: icmp_seq=3 ttl=128 time=0.5 ms
   64 bytes from 10.218.0.18: icmp_seq=4 ttl=128 time=0.6 ms

   --- nat.local ping statistics ---
   5 packets transmitted, 5 packets received, 0% packet loss
   round-trip min/avg/max = 0.5/0.5/0.6 ms

   
   diag test app dnsproxy 8
   worker idx: 0
   vfid=0 name=NAT domain=nat.local ttl=86400 authoritative=0 view=shadow type=primary serial=2081857053 refresh=0
   SOA: nat.local (primary: dns.nat.local, contact: host@nat.local, serial: 2081857053)(86400)
   A: nat.local-->10.218.0.18(86400)

    

    

Related articles:

Technical Tip: DNS database with FortiGate as a slave to a Windows AD DNS master

Technical Tip: Different options of configuring DNS server on FortiGate