execute nslookup name 192.168.1.15

With the DNS settings under Network, it was configured to use:

Primary DNS Server: External DNS Serv1 IP
Secondary DNS Server: External DNS Serv2 IP
Local Domain Name: domain.local

I'm considering changing this to:

Primary DNS Server: Internal DNS Serv1 IP
Secondary DNS Server: Internal DNS Serv2 IP
Local Domain Name: domain.local

Would this be the reason why it's only resolving some IPs to names?
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
The DNS servers configured on the FGT need to point to the DNS server(s) that hold the entries for the local machines. External servers won't have that information. If they did, security would be non-existent.

I'm not expecting external DNS servers to have PTR records for internal hosts, that would be daft. The help for this section of the firewall provides the following information:
DNS server addresses are configured by going to System > Network > DNS. Here you specify the DNS server addresses. Typically, these addresses are supplied by your ISP. An additional option is available if you have local Microsoft domains on the network, by entering a domain name in the Local Domain Name field. In a situation where all three fields are configured, the FortiGate unit will first look to the local domain. If no match is found, a request is sent to the external DNS servers.

To clarify: Client computers contact the local internal MS DNS servers (Domain Controllers), which have forwarders configured to forward external queries to external DNS servers. Clients are not having any DNS issues. Forward/reverse and external queries work without issue, so this is somewhat irrelevant to the problem. The problem is that the Fortinet firewall is not resolving the IPs of client systems back to names from the internal DNS servers. I will change the DNS server IPs on the firewall to point to the internal DNS servers and see if the situation improves. Ideally, if I could run a reverse DNS lookup from the CLI of the firewall, it would let me see whether it's having a problem resolving the IPs to names and what the problem is. It's strange that the FW resolves some IPs but not others. If I run a reverse DNS lookup from a client computer for any of the IPs listed on the FW Top Sources log, the name is returned.
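Added example (not from this thread or from Fortinet): a small Python reverse-lookup tool that builds a PTR query itself and sends it straight to a chosen DNS server, so the answers of the internal and external servers for an IP from the Top Sources list can be compared without going through the host's own resolver, the same check `execute nslookup name` does on the FortiGate. The server addresses are assumed placeholders and the host names in the comments are constructed.

```python
import socket
import struct

def ptr_name(ip: str) -> str:
    """Reverse query name for an IPv4 address: 192.168.1.15 -> 15.1.168.192.in-addr.arpa."""
    octets = ip.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 address: {ip}")
    return ".".join(reversed(octets)) + ".in-addr.arpa"
def build_ptr_query(ip: str, txid: int = 0x1234) -> bytes:
    """Minimal RFC 1035 query: header (RD set, one question) + question of type PTR (12), class IN (1)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in ptr_name(ip).split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 12, 1)
def _read_name(msg: bytes, off: int) -> tuple[str, int]:
    """Decode a (possibly compressed) name; return (name, offset just past it in the stream)."""
    labels = []
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # compression pointer: rest of the name lives at `ptr`
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            return ".".join(labels + [_read_name(msg, ptr)[0]]), off + 2
        off += 1
        if length == 0:
            return ".".join(labels), off
        labels.append(msg[off:off + length].decode())
        off += length
def parse_ptr_response(msg: bytes) -> tuple[int, list[str]]:
    """Return (RCODE, PTR targets); RCODE 0 = answered, 3 = NXDOMAIN (server has no PTR record)."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off, names = 12, []
    for _ in range(qd):  # skip the echoed question section (name + QTYPE + QCLASS)
        off = _read_name(msg, off)[1] + 4
    for _ in range(an):
        _, off = _read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 12:  # PTR: RDATA is the host name, e.g. ws15.domain.local (constructed)
            names.append(_read_name(msg, off)[0])
        off += rdlen
    return flags & 0x0F, names

def reverse_lookup(ip: str, server: str, timeout: float = 2.0) -> tuple[int, list[str]]:
    # Query `server` (placeholder, e.g. the internal DC) directly on UDP/53, bypassing the host's resolver.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_ptr_query(ip), (server, 53))
        data, _ = s.recvfrom(512)
    return parse_ptr_response(data)
```

From a LAN host, `reverse_lookup("192.168.1.15", "<internal DNS IP>")` should return RCODE 0 with the host name, while the same call against an external server returns NXDOMAIN (3) or no PTR answer; an IP that resolves from a client but not from the firewall therefore points at which server the FortiGate is actually asking.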