Hello,
For Network -> DNS is it recommended to use your internal DNS servers? I see one option is "Use FortiGuard Servers" which would replace both the Primary/Secondary servers. I currently have the Primary being our ISP's and Secondary being an internal server. Any feedback is appreciated. Thanks
Teh FortiGuard servers are DNS Proxies and not very reliable from my experience; it's recommended to use your ISP/External and/or Internal DNS servers.
DNS settings (http://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-networking/DNS/DNS.htm)
You configure basic DNS queries on interfaces that connect to the Internet. When a user requests a website, FortiGate looks to the configured DNS servers to provide the IP address of the website in order to know which server to contact to complete the transaction.
You configure DNS server addresses by selecting Network > DNS, and then specifying the DNS server addresses. These addresses are typically supplied by your ISP. If you have local Microsoft domains on the network, you can enter a domain name in the Local Domain Name field.
In a situation where all three fields are configured, FortiGate first looks to the local domain. If no match is found, FortiGate sends a request to the external DNS servers.
If virtual domains (VDOM) are enabled, you create a DNS database in each VDOM. All of the interfaces in a VDOM share the DNS database in that VDOM.
-TFWD
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.