Created on 10-02-2022 11:27 AM Edited on 10-02-2022 11:28 AM By Anthony_E
Description | This article describes how to implement split DNS for local and global domains. |
Scope | FortiGate DNS feature version 7.2.1. |
Solution |
Scenario: 1) The local DNS server is used only to resolve local DNS names. 2) The global DNS server, in this case the FortiGuard DNS server, is used to resolve global DNS queries.
Diagram:
Local domain name: 40gate.co.id
Secondary DNS server: 172.16.10.254 (IP address of the local DNS server).
Note: the secondary DNS server showing 'unreachable' is expected here, because it is used only to resolve the local DNS name.
FortiGate DNS config: no firewall policy rule is required.
User config: configure the user to send DNS requests to the FortiGate DNS interface: 192.168.16.1.
Local DNS can successfully be resolved:
Global DNS can successfully be resolved:
DNS request process on FortiGate.
DNS cache.
Related documents:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/960561/fortigate-dns-server
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/121810/using-a-fortigate-as-a-dns-server |