FQDN

tli · ‎10-27-2023

Hi guys ,

Can i get an valid fqdn created on fortigate just for local purpose , as the option is available , i mean a DNS A record .

And also , do a need to have domain name , can i have this created on fortigate as well so i can complete this purpose .

Look forward to your reply .

Thanks !

mle2802 · ‎10-27-2023

Hi @tli,

You can configure FortiGate as DNS server and create DNS record as your need. Please refer to this document for more information "https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/960561/fortigate-dns-server"

Regards,
Minh

tli · ‎10-27-2023

Many thanks - I will take a look .

Thanks !

ebilcari · ‎10-27-2023

You can configure FGT as a DNS server from GUI after enabling DNS Database from Feature Visibility.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

tli · ‎03-21-2024

@ebilcari sorry for the late , i lost my password and recovered successfully.

Listen , i did all of that , iam using Forigate 100D - but both ping test and nslookup do not give right response . Iam seeing some docs explain it s recommended in the dhcp server within the fotinet , you have to set the " same as interface" on Dns server option , but anyway i also tried this with no success ... Just to show you my tries... in case you have completed this , please post a reply .

Thanks !

AEK · ‎03-21-2024

You need to configure on your client the FG IP as primary DNS server.

The FG IP is the one the FG DNS server is listening on.

You can do a test from client like this:

nslookup  sub.domain.com  x.x.x.x

Where x.x.x.x is the FG IP of the interface on which DNS server is listening on

AEK

tli · ‎03-21-2024

Clear explaination ..

tli · ‎03-22-2024

@AEK @ebilcari @mle2802

clearly understand what you've described above ...

Here is my senario... A public ip @ is set in the wan interface and this also act as dns servers for all workstation, the the lan interface has a private ip address with dhcp for local subnet and all workstation/server is behing the fortigate ,using this local subnet for internal communication ... i want to create a dns entry , and set a fqdn for one of a sever that is part of the local subnet for local purpose, so like when i issue the nslookup test.server.com to have resolve the ip adddress of the server.

I tested the above sugestion many times , no luck ... even tried the dns interface both wan and lan still no luck . Maybe i am wrong from the begining of the steps or just like a piece is missing. Awaiting a response . Thanks !

AEK · ‎03-22-2024

Please share screenshots of DNS server config on FortiGate and the below command from an internal client:

nslookup  sub.domain.com  x.x.x.x

AEK

tli · ‎03-23-2024

@AEK

Here are the screenshots ...

nslookup server.test.com 192.168.40.10
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.40.10

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

>nslookup server.test.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: X.X.X.X

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.