Rider
New Contributor

Fortigate DNS Server reverse lookup

Hi,

My FortiGate is acting as a DNS server with static entries. However, a reverse lookup (IP to name) on a client which has the FortiGate configured as its DNS server gives no result.

Is there an additional setting which has to be configured for DNS reverse lookup?

Kind regards,

Juergen

3 REPLIES
ede_pfau
Esteemed Contributor III

In short (as I am on holidays and not at my desk):

1- You need to create an additional zone, aptly named like a reverse zone.

2- Populate it with PTR records instead of A records.

 

Then the FGT will do reverse lookups. It is clumsy, and PTR records are not created automatically, but it works.

 


Ede

"Kernel panic: Aiee, killing interrupt handler!"
jpveen
New Contributor

Did you configure PTR records for every A record you want the reverse lookup to work for? That's required to get reverse lookups working as far as I know.
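
An added example, not part of the original thread: a Python check that derives the reverse zone name and the PTR owner names from a list of static A records, then reports A records whose PTR is missing or points at a different name. The host names, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: static A records configured on the DNS server.
A_RECORDS = {
    "fw.example.lan": "10.0.0.1",
    "nas.example.lan": "10.0.20.5",
    "printer.example.lan": "10.1.2.3",
}
# Constructed sample data: PTR records in the reverse zone (owner -> target).
PTR_RECORDS = {
    "1.0.0.10.in-addr.arpa": "fw.example.lan",
    "5.20.0.10.in-addr.arpa": "wrong.example.lan",
}


def reverse_zone(network: str) -> str:
    """Reverse zone name for an IPv4 network on an octet boundary."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only IPv4 /8, /16 and /24 map to one in-addr.arpa zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def ptr_owner(ip: str) -> str:
    """Owner name of the PTR record, e.g. 10.0.0.1 -> 1.0.0.10.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def audit(a_records, ptr_records, network):
    """Return (missing, mismatched) PTR records for A records inside network."""
    net = ipaddress.ip_network(network)
    missing, mismatched = [], []
    for host, ip in sorted(a_records.items()):
        if ipaddress.ip_address(ip) not in net:
            continue  # address belongs to a different reverse zone
        owner = ptr_owner(ip)
        target = ptr_records.get(owner)
        if target is None:
            missing.append((owner, host))
        elif target.rstrip(".").lower() != host.rstrip(".").lower():
            mismatched.append((owner, target, host))
    return missing, mismatched


if __name__ == "__main__":
    print("zone:", reverse_zone("10.0.0.0/8"))
    missing, mismatched = audit(A_RECORDS, PTR_RECORDS, "10.0.0.0/8")
    for owner, host in missing:
        print(f"missing PTR:  {owner}. PTR {host}.")
    for owner, target, host in mismatched:
        print(f"mismatch:     {owner} -> {target}, A record says {host}")
```
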

rik-e
New Contributor

Hi Juergen,

Are you using an Active Directory by any chance?

If so, you could forward these requests to the domain DNS servers.

I did it this way and it works fine:

config system dns-database
    edit "10.in-addr.arpa"
        set domain "10.in-addr.arpa"
        set ttl 28800
        set authoritative disable
        set forwarder "[DC1]" "[DC2]"
    next
end

This way every PTR request for IPs of 10.0.0.0/8 gets forwarded.

 

 
