Hi everyone 

I'm new here and i hope someone can help me with my problem

our customer network looks like :

stack core switches ---- routers ---- Fortigate --- internet----Fortigate---- datacenter

in core switches 3 vlans are configured 

1- vlan 16 for it.local

2- vlan 1 for dsvm

3- vlan 17

4- vlan 18 dmz   (new)

 they asked me to create new vlan in same way as the other vlans, after that they asked vlan 16 should talk see vlan 18 so i what i have configured in fortigate :

1- Nat (VIP) port( http and tcp -8080) 

2- ipv4 policy allowed source (all) to destination (VIP)

3- static route for the new range same way as others

4- from the vlans interface to trust interface allowed all -- all 

what i achieved is : 

1- i can ping from range vlan 16 to vlan 18 and the same for vlan 18 

2- dns servers for all is in range vlan 16 

10.50.16.31

10.50.16.32

3- i can ping from server in vlan 18 to these dns servers

4- i can telnet port 53 in vlan 18 

the problem that i face right now

1- i cannot access any website/page when  i use the dns servers although i can ping them 

2- but when i change it to google dns everything is working properly 

but this is not a good plan to keep it in public dns i have tried a lot to figure it out but without hope so  can i get some help with that