Cannot resolve hostname from Guest network

ForgetItNet · ‎05-22-2023

Hi all,

We have some handheld android tablets on a "guest" network on our Fortigate 100F and they get an IP address of say 192.168.30.0 and we have a server on a DMZ on another interface on say 10.10.10.10 but all connected to the same physical 100F. The tablets connect to the server fine when they are off our network (i.e at 3rd party sites etc) but they cannot connect to the server when inside our network (on the Guest network). If i do a trace route then it picks up that it needs to go to 10.10.10.10 but hits the guest interface on the router (so 192.168.30.1) but then the next hop is our WAN IP address instead of the interface IP of our DMZ network? What do i need to do to get it to route "internally" ?

Hope that makes sense.

Thanks

AEK · ‎05-22-2023

Hello

No need to add a route since the networks are directly connected to FGT.

Check the following:

Your FGT DHCP server must assign 10.10.10.10 as DNS server to your guests
Add policy to allow guests to send DNS queries to 10.10.10.10
Try query your DNS from a guest
Check DNS request logs on FGT

AEK

View solution in original post

AEK · ‎05-22-2023

Hello

No need to add a route since the networks are directly connected to FGT.

Check the following:

Your FGT DHCP server must assign 10.10.10.10 as DNS server to your guests
Add policy to allow guests to send DNS queries to 10.10.10.10
Try query your DNS from a guest
Check DNS request logs on FGT

AEK

Cannot resolve hostname from Guest network

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website