Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Kevin_Shanus
New Contributor III

Basic DNS Question

Hello,

 

For Network -> DNS is it recommended to use your internal DNS servers? I see one option is "Use FortiGuard Servers" which would replace both the Primary/Secondary servers. I currently have the Primary being our ISP's and Secondary being an internal server. Any feedback is appreciated. Thanks

1 REPLY 1
theFWdude
New Contributor

Teh FortiGuard servers are DNS Proxies and not very reliable from my experience; it's recommended to use your ISP/External and/or Internal DNS servers.

 

DNS settings (http://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-networking/DNS/DNS.htm)

You configure basic DNS queries on interfaces that connect to the Internet. When a user requests a website, FortiGate looks to the configured DNS servers to provide the IP address of the website in order to know which server to contact to complete the transaction.

 

You configure DNS server addresses by selecting Network > DNS, and then specifying the DNS server addresses. These addresses are typically supplied by your ISP. If you have local Microsoft domains on the network, you can enter a domain name in the Local Domain Name field.

 

In a situation where all three fields are configured, FortiGate first looks to the local domain. If no match is found, FortiGate sends a request to the external DNS servers.

 

If virtual domains (VDOM) are enabled, you create a DNS database in each VDOM. All of the interfaces in a VDOM share the DNS database in that VDOM.

 

-TFWD

-TFWD
Labels
Top Kudoed Authors