Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Accionet
Contributor

[SOLVED] Vdom DNS

Hi all!. I recently downgrade a 80C appliance from 4MR2 to 4MR1.4. 2 days after, ISP change their DNS and Fortiguard web filter fails at this moment. Investiganing I can see this in system configuration: Show system dns: config system dns set primary 192.168.100.254 set secondary 80.58.61.254 end That´s OK. But this not work. Test diagnostic shows: diagnose test application dnsproxy: vdom: root, index=0, is master, vdom dns is enabled, mip-169.254.0.1 dns-server:62.42.230.24 dns-server:62.42.63.52 DNS_CACHE: hash-size=2048, ttl=1800, min-ttl=60, max-num=5000 DNS FD: udp_s=8 udp_c=9:10 ha_c=13 unix_s=14, unix_nb_s=15, unix_nc_s=16, v6_udp_s=7, v6_udp_c=11:12 DNS FD: tcp_s=18, tcp_s6=17 FQDN: hash_size=1024, current_query=1024 DNS_DB: response_buf_sz=4096 Here DNS servers are not correct. ¿How can I reconfigure or disable DNS VDOM search?. Thank you in advance.
7 REPLIES 7
hidayet
New Contributor

Hi Accionet, Check the picture below, command : set vdom-dns {disable | enable}
http://www.hidayetaltun.com
http://www.hidayetaltun.com
Accionet

Hello. Thanks hidayet, but I try this command and fails it! config system dns: set vdom-dns disable command parse error before ' vdom-dns' Command fail. Return code -61 It seems that this command is not usefull in this context. If I change vdom to enable, I can not config system dns. Thank you.
hidayet
New Contributor

did you enable-disable?
http://www.hidayetaltun.com
http://www.hidayetaltun.com
Accionet

Yes, vdom enabled, disables, firmware updated to 4MR2 and downgrades to 4MR1.4. I can not disable vdom-dns. Thanks.
hidayet
New Contributor

Interesting! Check the link below (Title Using virtual domains-page 125) http://docs.forticare.com/fgt/techdocs/fortigate-admin.pdf
http://www.hidayetaltun.com
http://www.hidayetaltun.com
Accionet

Administrator guide do not solve my problemm. Disable vdom-dns it´s not posiible. Thank you.
Accionet
Contributor

Hello again. Problemm solved!. ISP has changed DNS assigned by DHCP on WAN2 interface (WAN1 is static) and do not work. I´ve disabled DNS assignation on DHCP for WAN2 and Fortigate uses DNS on Settings now. ISP is changing now DNS servers assigned by DHCP to others work fine. Thank you.
Top Kudoed Authors