Fortinet Forum
David_Tan
New Contributor II

Wildcard DNS A record

Hi,

I need to set up a wildcard domain to get an internal file hosting server running. How can I go about this? I am using the DNS server in Fortigate 101E. When I tried to put a * in the hostname field when creating an A record, the UI says it is an invalid domain.

Any help or guidance will be much appreciated. Thank you.

sw2090
Honored Contributor

Yes, "*" is indeed an invalid domain, since that would mean every domain in the whole world :)

I guess what you want is something like "any subdomain" of your domain.

I'd try to set this as FQDN... however, up to now I never needed this on a FGT DNS, so I cannot say for sure.


-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

ch2
New Contributor

Hi,

I have the same problem. How do I add all subdomains in one record?

emnoc
Esteemed Contributor III

1st, no such thing exists from a DNS RR for "wildcard" domain in our FortiOS appliances.

2nd, what specifically are you trying to do? And why do you think you need it?

I have seen a lot of misuse of "wildcard" A records, and it will screw up search engines.

Just my 2cts

Ken

PCNSE

NSE

StrongSwan

ch2
New Contributor

I need to make an A-record that will look at one IP from several sub-domains. For example *.example.com = 192.168.x.x

zakrush
New Contributor

I have the same problem. It is a very serious problem for me. My case is:

We have 3 servers that dynamically generate web servers (Kubernetes stand) for testing the product. Each web server has a unique name (subdomain) and is located on one of the three servers.

*.example.com 192.168.1.1

*.example.com 192.168.1.2

*.example.com 192.168.1.3

As a result, when I change the MikroTik to Fortigate, I cannot send developers to the desired web server.

Roger_N

Was there a resolution for this?

sw2090
Honored Contributor

Hm, this is FortiOS-specific behavior. Looks like Fortinet doesn't meet the DNS specs.

Basically, in a DNS zone it is definitely allowed to set a wildcard.

* IN A <ip> does always mean *.domain.tld (i.e. anything not matched by other A entries in the zone).

And no, this does not mean any domain in the world, as it is only valid in a zone. This means it is only valid for subdomains of the 2nd level domain the zone is for.

Edit: looking at your screenshot again: you cannot enter a wildcard as host! What you want is the wildcard in the FQDN field!


-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
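
The wildcard behaviour described in the reply above, as an added example that is not part of any post in this thread and is not FortiOS code: a single-zone A lookup following the RFC 4592 wildcard rules. It goes slightly beyond the post by also showing that an existing name without A data (here `lab.example.com`) blocks the wildcard for itself and for names below it. The zone contents, function names and status labels are assumptions made for illustration.

```python
# Added example: A-record lookup in a single zone with RFC 4592 wildcard rules.
# ZONE_A is constructed sample data; names and addresses are illustrative.
ORIGIN = "example.com"
ZONE_A = {
    "*.example.com": ["192.168.1.1"],
    "www.example.com": ["192.168.1.10"],
    "db.lab.example.com": ["192.168.1.20"],
}

def norm(name):
    return name.lower().rstrip(".")

def is_under(name, parent):
    """True if name equals parent or is a descendant of it."""
    return name == parent or name.endswith("." + parent)

def exists(name, owners):
    """A name exists if it is the apex, owns records, or is an ancestor of
    an owner name (an empty non-terminal such as lab.example.com)."""
    return name == ORIGIN or any(is_under(o, name) for o in owners)

def resolve_a(qname, zone=ZONE_A):
    """Return (status, addresses) for an A query answered from this zone only."""
    q = norm(qname)
    owners = {norm(k): v for k, v in zone.items()}
    if not is_under(q, ORIGIN):
        return ("OUT_OF_ZONE", [])      # a wildcard never reaches past its zone
    if q in owners:
        return ("NOERROR", owners[q])   # explicit record wins over the wildcard
    if exists(q, owners):
        return ("NODATA", [])           # existing name: no wildcard synthesis
    # Closest encloser = longest existing ancestor; only its "*" child applies.
    labels = q.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if exists(encloser, owners):
            hit = owners.get("*." + encloser)
            return ("NOERROR", hit) if hit else ("NXDOMAIN", [])
    return ("NXDOMAIN", [])

if __name__ == "__main__":
    for name in ("build42.example.com", "a.b.example.com", "www.example.com",
                 "lab.example.com", "x.lab.example.com", "www.example.org"):
        print(f"{name:22} {resolve_a(name)}")
```
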

epacke
New Contributor

The FQDN field is not editable. Wildcard is a valid host in most DNS platforms. Feels like an oversight when creating the DNS server module tbh.

Michael1030
New Contributor

What is going on here? Is there a solution? I also miss an option to insert an A record for the complete domain, not only the * option, like for:

example.com  192.168.100.1