DNS in a FG-30D?

ede_pfau · ‎06-16-2015

Pals,

could someone please confirm that a FG-30D running v5.2.3 will forward DNS requests to the provider on the WAN link? I know a 'real' local DNS is deliberately left out but I couldn't find any settings for specifying a DNS relay. My hope is that there is an implicit forward for DNS requests targeted at the FGT.

Anybody using the 30D?

Ede

"Kernel panic: Aiee, killing interrupt handler!"

lunhas2k4 · ‎06-18-2015

Hi ede_pfau,

I've installed yesterday 4 FWF30D and 1 today and I am having a funny issue.

Sometimes it forwards the dns requests and some times it doesn't. I am using them at remote clients and I had to use public dns on the host machines on those sites. I would like to use the firewall as my dns server but I am having issues with this feature.

I haven't really helped but that is my experience with this appliances. Would love to get a resolution for this issue.

Be

Carlitos loves firewalls

NSE4 (5.4,6.0)

NSE5 (Fortimanager 6.0, Fortianalyzer 6.0)

NSE7 (Enterprise Firewall 6.0)

Dave_Hall · ‎06-18-2015

It should be:

config system dns-server edit <intf_name> set mode {forward-only | non‑recursive | recursive} end

But according to the 30D PDF (pointed out in this thread), it was removed on the smaller units.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

ede_pfau · ‎06-19-2015

Thanks Dave, I should've searched the forums more...but my hope was that they "implicitely" forward DNS requests. That would require a DNS proxy and exactly this was cut out for the smallest units.

Ain't no Fortigate if it's below a 60D.

Ede

"Kernel panic: Aiee, killing interrupt handler!"