Description |
This article describes how to fix the DNS Query showing ‘dns-response’ with values of Category:‘255’ and Category Description: ‘Unknown’. under FortiGate -> Log&Report -> DNS Query. |
Scope |
FortiGate v6.2.x. |
Solution |
- Make sure to configure the DNS setting and DNS filter profile including putting the setting in the firewall policy ID correctly.
-Under FortiGate -> Log&Report -> DNS Query, for 'DNS Type' : dns-response packet, it shows with 'Action':: pass with the correct firewall policy ID wanted. But it shows the value of 'Category' column with ‘255’ and the value of 'Category Description' column with ‘Unknown’
- Everything works fine and the DNS setting is properly configured , the FortiGate can connect to FortiGuard service, and FortiGate gets the correct rating.
- Check and correct the CLI commands as below: It is possible to do it with CLI commands of the FortiGate via Telnet,SSH , or CLI Console on GUI of FortiGate.
FGT # config system fortiguard FGT (fortiguard) # set sdns-server-ip "208.91.112.220" FGT (fortiguard) # end
Then it may show the correct values in 'Category' column and 'Category Description' column for 'DNS Type': dns-response packet as below.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.