I'm getting something odd happening which I've never seen before, I am intermittently getting DNS queries answered with a 198.18.x.y address.
Using Fortiguard or local DNS servers doesn't make any difference to the behaviour.
It happens with both local clients and through the CLI on the box.
Have to say I've no seen that before!
Go to Solution.
Is the Fortigate's WAN(s) interfaces configured/set to override internal DNS?
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
View solution in original post
And to add, you can diag sniffer packet any "host x.x.x.x and src port 53" to see the DNS-answers
Could you paste ASCII results from the query? Pictures don't quite work.
Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Dave Hall wrote:Is the Fortigate's WAN(s) interfaces configured/set to override internal DNS?
I like your thinking, where do I find that? I've looked all over the place in the GUI and dumped out the full config on the wan interface and I see nothing standing out :(
The setting should be listed there unless the web browser version you are using is not 100% compatible (e.g. page element corruption.)
The default setting is enabled I believe - all default settings won't show up when listed in the config (in the CLI) unless you use "show full".
Just to confirm are you getting DNS quires from host 198.18.x.y or are DNS quires resolving to 198.18.x.y ? And yeah, your original pic didn't come out.
Thank you to everyone who mentioned Override DNS setting.
I'd forgotten that I'd started to set up a failover ADSL link with that ticked (by default I guess) and the ADSL had failed returning the oddjob 198 addresses.
@Dave Hall's post: "override" will only be displayed if WAN type is DHCP or PPPoE.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.