Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jay_ghosh
New Contributor

How to log all outgoing DNS queries (Port 53) on Fortigate 100E

Hi connections!!

Like every other typical networks all my internal PCs are always sending DNS queries with port 53 to the internet. I want all those PCs' IP addresses and the DNS queries, they are sending to the internet. I have a Fortigate 100E; 2 ISPs; 1 LAN (192.168.1.0/24); No VLAN. For additional info: My Firewall's LAN port IP is - 192.168.1.1 and all the client are having that IP as their default gateway. Can anyone help me out? 

1 Solution
Hosemacht
Contributor II

Hey there,

 

just set up a proxyoption with dns enabled, add it to the regarding policy and enable log-allowed-traffic.

sudo apt-get-rekt

View solution in original post

1 REPLY 1
Hosemacht
Contributor II

Hey there,

 

just set up a proxyoption with dns enabled, add it to the regarding policy and enable log-allowed-traffic.

sudo apt-get-rekt