| Description |
Wildcard FQDN shows an unresolved IP address and the user is unable to access to the URLs if that applied Wildcard FQDN at firewall policy.
This article provides a solution to resolve the IP address for Wildcard FQDN. |
| Scope | FortiGate. |
| Solution |
Issue scenario: '*.playstation.com' is used as an example for Wildcard FQDN with the targeted URL included:
After creating a Wildcard FQDN, it will show an Unresolved FQDN when hovered.
If this Wildcard FQDN is applied to the policy, it will not function properly as this Wildcard FQDN does not have any IP address information for the related URLs.
Solution: Below is the guide to resolve the IP address for Wildcard FQDN that was created in FortiGate.
1) A policy with DNS service is required to create and put on top of the Wildcard FQDN address policy.
When any URLs are related to Wildcard FQDN are reached, it will hit the above DNS policy 1st and the IP address of the URLs will be recorded inside Wildcard FQDN.
After access to the related URLs, hover again on the Wildcard FQDN, this time it will show the IP address information.
|
