FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
caunon
Staff
Staff
Description

This article describes how to fix the DNS Query showing ‘dns-response’ with values of Category:‘255’ and Category Description: ‘Unknown’.  under FortiGate -> Log&Report  -> DNS Query.

Scope

FortiGate v6.2.x.

Solution

- Make sure to configure the DNS setting and DNS filter profile including putting the setting in the firewall policy ID correctly.

 

-Under  FortiGate -> Log&Report -> DNS Query, for 'DNS Type' : dns-response packet, it shows with 'Action':: pass with the correct firewall policy ID wanted.

But it shows the value of 'Category' column with ‘255’ and the value of 'Category Description' column with ‘Unknown’

255_UnknownKB.png

 

- Everything works fine and the DNS setting is properly configured , the FortiGate can connect to FortiGuard service, and FortiGate gets the correct rating.

 

- Check and correct the CLI commands as below:

It is possible to do it with CLI commands of the FortiGate via Telnet,SSH , or CLI Console on GUI of FortiGate.


At CLI command of FGT :

FGT # config system fortiguard

FGT (fortiguard) # set sdns-server-ip "208.91.112.220"

FGT (fortiguard) # end

 

Then it may show the correct values in 'Category' column and 'Category Description' column for 'DNS Type': dns-response packet as below.

 

CorrectCategoryAndCategoryDescription.png
Contributors