Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vifi
Staff
Staff

Created on ‎01-15-2025 01:05 AM Edited on ‎01-15-2025 01:08 AM By Moderator

Article Id 370123

Technical Tip: How to allow an website that is being blocked by DNS Filter

Description This article describes configuring DNS Filter to allow a website that DNS Filter blocks.
Scope FortiGate v7.2.
Solution Sometimes a website is blocked by a DNS Filter.

blocked.png

 

Example:
https://accounts.o2.co.uk/ is blocked by DNS Filter.

The category to which this website belongs is allowed in DNS Filter. However, the website gets blocked.

  1. Perform a nslookup.
 
C:\Users>nslookup accounts.o2.co.uk
Name:    d3c17wgn4zp1k7.cloudfront.net
Addresses:  18.172.153.90
          18.172.153.59
          18.172.153.12
          18.172.153.33
Aliases:  accounts.o2.co.uk
          lbprdcachetieraccountsproxy.o2r53ctp.co.uk
          lbprd0cachetieraccountsproxy.o2r53ctp.co.uk
  

  1. Configure the DNS Filter profile.

     

Note that adding only 'accounts.o2.co.uk' is insufficient.
The other hostnames that are related to this website should be added as well.

dns filter static.png
The same logic could be applied to other websites when facing this issue.
906
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.