Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Soufian
New Contributor

traffic that originates from the FortiGate going to external to DNS GOOGLE

I need help please: I have fortigate 601e firmware v6.2.3 my problem is the traffic that comes from the FortiGate is going outside the GOOGLE DNS, use the dot interface IP address point -to-point for more security I want to use the Nat service for this type of traffic. I can't find how. can someone help me please?

 

 

 

6 REPLIES 6
AEK
Honored Contributor

Hi Soufian

You can specify on CLI the source interface & IP that is used when sending DNs request.

config system dns
set source-ip x.x.x.x

 

AEK
AEK
Soufian
New Contributor

my fortigate sends traffic with a source ip of the interface which is connected to the WAN. I want to do a nat for this source ip address.

example of source ip address:
source ip 195.12.5.3 i want to make for this address that uses for local fortigate traffic a NAT to hide it 

Thanks  

AEK
Honored Contributor

Hi Soufian

I don't know a way to NAT FGT's self generated traffic like we can do on PAN.

The only way to do in your case is "set source-ip" for dns config as explained already.

AEK
AEK
Debbie_FTNT
Staff
Staff

Hey Soufian,

you can define source IPs in FortiGate for traffic that it generates and sends itself.

For example, for DNS traffic:

 

config system dns

set source-ip <IP>

end

 

This causes the FortiGate to send out traffic with the specified source IP to the external DNS servers when it needs to do a DNS lookup.

You can set source IPs via CLI for a lot of config items; you would need to know why FortiGate speaks to google DNS (DNS server settings, link-health-monitors, etc), and set source IPs in the corresponding CLI config.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
Soufian
New Contributor

Thanks so much  :D that its work :D

Debbie_FTNT

Great to hear :)

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
Labels
Top Kudoed Authors