Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ChiefSec_Fortinet
New Contributor

FortiGuard DNS issue

Recently ran into an issue where the Fortigate was providing incorrect IP addresses for requests to Microsoft domains. This led to certificate errors in outlook and browser connections to portal.azure.com.

 

There appears to be some Reddit evidence of other users also seeing this issue:

https://www.reddit.com/r/fortinet/comments/yuu50t/dns_issues_while_using_fortinet_dns_servers/

 

Looks like the same IP that we saw (93.174.121.39) and Certificate (SubName = gaia.iphost.gr)

 

As a work-around you can change your FW DNS settings to point to a 3rd party DNS provider, but curious if other people are seeing this and/or how to keep it from happening while using FortiGuard services for DNS. (I believe this is a requirement to leverage DNS filtering)

11 REPLIES 11
ChiefSec_Fortinet
New Contributor

Is there anywhere I can lookup the details/status of that bug ID?

BHJ
New Contributor

Hi

This issue still exist.
When assigning Fortiguard DNS servers to clients, they still receive occasional, random replies to DNS lookups, where clients using 208.67.222.222 or 8.8.8.8 receive consistent replies.

 

Screenshot 2024-12-18 071654.png




Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors