Dear,
Analyzing the logs on my WLAN I see hundreds of repeated error messages. Failure Details:
Action: DNS-no-domain Reason: Server 120.64.11.10 replied "non-existing domain" Message: DNS lookup of from client failed with "non-existing domain"
This type of error is displayed for all APs. In "Reason" the IP varies a bit. Any idea what that might be?
Best Regards
André
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Perhaps you have a rogue DHCP server that is misconfigured and someone grabbed a config from there?
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
so it makes sense what you see, these requests do result in a non-existing domain because they don't exist
i dont believe a rogue DHCP server is in play here
these are just regular DNS requests to names that don't exist
wpad is for auto proxy discovery
those couple of weird random character ones are probably this from chrome: https://isc.sans.edu/forums/diary/Google+Chrome+and+weird+DNS+requests/10312/
the intel one is most likely old or buggy software on a system looking for a hostname which doesn't exist (anymore)
the nts2000.nts2000.lan i can't directly explain but probably is also part of some auto discovery which uses your configured DNS suffixes to check for something.
there isnt anything "bad" going on here. FortiGate is just reporting what it sees and that seems to be correct.
as mentioned you can try sniffing and you will see (some of) your clients just making these requests.
Server replied "non-existing domain" for NTS2000.nts2000.lan
I've had the same issue and wanted to post my solution
The Wifi SSID uses WPA2 with an NPS as radius server. This is a windows server who's own microsoft certificates are renewed sometimes. SInce the same server also has a custom *.domain.lan NPS chooses this certificate as the new certificate. -> I believe this wildcard certificate is responsible for the NTS2000.nts2000.lan DNS request
After choosing the correct certificate in NPS PEAP authentication the Wifi was back up and running
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.