The only link I can find on the support site with this scenario I am wanting to achieve is https://community.fortinet.com/t5/FortiGate/Technical-Tip-DNS-database-with-FortiGate-as-a-slave-to-... where it gives the basic items to do to get this working. What I am making further inquiry about is what might need to be done on the Windows side? i.e... since this is going to a secondary DNS, is the FortiGates's DNS, BIND, and thus I need to set the Windows DNS properties to allow BIND secondaries? Do I need to turn off DNSSEC for remote responses? Just those types of inquiries since the article did not expound on that at all...and since I am running into errors, this has gotten me to make further inquiry.
From the Windows side of things, I get a "Validation error, please try again later". From the FortiGate's side, when I do "diag test application dnsproxy 8" from the CLI, I do get record information like the example output of the link provided, yet from the GUI, there is nothing that shows me I was successful (like # of Entries for example).
Thanks.
Solved! Go to Solution.
Hello ,
You can try the below
Windows DNS Configuration:
FortiGate DNS Configuration:
You can start with the admin guide: https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/960561/fortigate-dns-server
some configurations can be simplified if you need to use as a simple DNS forwarders or to add another zone. If this is the case you don't need to go with complex configurations and changes on Microsoft DNS server
Hello ,
You can try the below
Windows DNS Configuration:
FortiGate DNS Configuration:
When you configure "Allow zone transfers" on Windows side, make sure you use the right FGT IP address, usually the one in the same subnet as your Windows server.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.