Description
This article describes how to create a DNS database for a website that is hosted in the local network.
Scope
FortiGate.
Solution
Local DNS servers can be created for a network. Depending on the specific requirements, entries can either be manually managed (via a primary DNS server) or configured to reference an external source (as a secondary DNS server).
A local primary DNS server requires the manual addition of all URL and IP address combinations.
Configuration steps from the GUI:
- Go to System -> Feature Visibility and enable DNS Database under additional features.
- Navigate to Network -> DNS Servers and create New DNS Database.
If the view is set to Shadow, the zone can be used only by internal users. Choose a DNS zone and enter the domain name of that zone, as shown in the example above.
Enter the hostname of the DNS server along with the contact email address for the administrator. Disable the Authoritative option because IP addresses can change, and maintaining the list can become labor-intensive.
- Add DNS entries:
In the above image, the FQDN is formed from the configured hostname together with the domain name.
- Create DNS Service on the interface:
In the above image, port1 is chosen because the devices that need to resolve the IP address are located behind it.
- Set the DNS server as the default gateway of the firewall. In the above scenario, it is set as 172.16.32.1 (the IP address of port1):
After the DNS server is set, test by performing an nslookup of the FQDN, which should resolve to the internal IP address hosted in the LAN.
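The GUI steps above have a CLI equivalent. The following is an added example, not taken from the original article. The zone name, domain, hostname, contact, and host IP address are constructed placeholders, and the recursive mode on port1 is an assumption, since the article does not state which mode was selected.

```fortios
# Make the DNS Database feature visible in the GUI.
config system settings
    set gui-dns-database enable
end

# Primary zone with a shadow view (internal users only),
# Authoritative disabled as in the article.
# Placeholder values: zone name, domain, primary-name, contact.
config system dns-database
    edit "internal-zone"
        set domain "example.internal"
        # Older FortiOS releases use "master" instead of "primary".
        set type primary
        set view shadow
        set authoritative disable
        set primary-name "dns"
        set contact "admin@example.internal"
        config dns-entry
            edit 1
                set type A
                # Resulting FQDN: www.example.internal (placeholder)
                set hostname "www"
                # Placeholder address of the internally hosted website
                set ip 172.16.32.10
            next
        end
    next
end

# DNS service on port1, the interface the internal clients sit behind.
# Mode is an assumption: recursive checks the local database first,
# then falls back to the FortiGate system DNS servers.
config system dns-server
    edit "port1"
        set mode recursive
    next
end
```

With this in place, clients behind port1 that use 172.16.32.1 as their DNS server should get the internal address back when running nslookup against the placeholder FQDN.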