Created on
01-01-2025
10:36 PM
Edited on
09-18-2025
10:31 PM
By
Jean-Philippe_P
This article describes how to create a DNS database for a website that is hosted in the local network.
FortiGate.
Local DNS servers can be created for a network. Depending on the specific requirements, entries can either be manually managed (via a primary DNS server) or configured to reference an external source (as a secondary DNS server).
A local primary DNS server requires the manual addition of all URL and IP address combinations.
Configuration steps from the GUI:
If the view is set to shadow, it can be used by only internal users. Choose a DNS zone and mention the domain name of that zone as shown in the example above.
Mention the hostname of the DNS server along with the contact email address for the administrator. Disable the Authoritative option because IP addresses can change, and maintaining the list can become labor-intensive.
In the above image, the FQDN is considered based on the mentioned hostname along with the domain name.
The DNS Entry also helps the FortiGate locally resolve FQDN (mywebsite3.com) to an IP address (192.168.100.10).
Verify the FQDN resolution by initiating pings on FortiGate.
exe ping mywebsite3.com
PING mywebsite3.com (192.168.100.10): 56 data bytes
64 bytes from 192.168.100.10: icmp_seq=0 ttl=64 time=0.6 ms
64 bytes from 192.168.100.10: icmp_seq=1 ttl=64 time=0.5 ms
64 bytes from 192.168.100.10: icmp_seq=2 ttl=64 time=0.5 ms
64 bytes from 192.168.100.10: icmp_seq=3 ttl=64 time=0.4 ms
64 bytes from 192.168.100.10: icmp_seq=4 ttl=64 time=0.4 ms
--- mywebsite3.com ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.4/0.4/0.6 ms
In the above image, port1 is chosen as the device from where the IP address that needs to be resolved are located behind it.
After the DNS server is mentioned, to test, perform an nslookup of the FQDN, which would resolve to the internal IP address hosted in the LAN network.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.