Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
vusal_d
New Contributor

Deep inspection Setup: for SMB and DNS traffic

Hello

Have a few questions about deep inspection

I would like to apply some APP profiles which require deep inspection to be turned on in each rule

 

For example, I have an internal DNS server.

I have a few VLANs, which have access to the internal DNS server to be able to resolve internal hostnames

What will happen if I turn on deep inspection within those rules?

 

Moreover

I have a BIND DNS server acting as a public DNS server which is behind the FortiGate, and I would like to turn on deep inspection in that rule as well

So my question is: would my DNS servers operate normally?

 

And one more thing

I have a rule named reverse Proxy. App Filter tells me to enable deep inspection in that rule as well.

But when I enable this feature, websites behind the FortiGate (it forwards 80/443 to my Apache, more than 60 websites, where 20 of them are actively visited) refuse to load; I see a certificate error message instead of the website. And this will happen to every person who wants to visit that website

 

1 REPLY
gfleming
Staff

DNS is typically unencrypted so does not require deep inspection. You can inspect DNS traffic no problem using those rules.

 

The app inspection is going to be enabled on your internet-based policies (for traffic that leaves your Fortigate after DNS resolution is completed). For this policy you may need deep inspection for all app control profiles to work properly.

Cheers,
Graham