WAN DNS

zainnykaz · ‎04-30-2024

So my ISP has provided me IP address configurations as follows

IP address: 111.444.888.xxx

Subnet mask: 255.255.255.xxx

Default gateway: 111.44.888.XX1

DNS: 183.456.789.XXX

Now if I enter these settings on my laptop the internet works fine My question is how can I add this on fortigate? I already have 2 ISP connections on SD-WAN connected with fortigate with ISP routers using DHCP. What I did is I created WAN interface, added the IP manually, created another SD-WAN zone configured default gateway and set static route 0.0.0.0/0.0.0.0 with the interface of the new sd wan zone. But still the internet is not working.

My question is:

Where do I have to add the DNS details ?

dbhavsar · ‎04-30-2024

Hi @zainnykaz ,

- you can manually specify the DNS servers under Network > DNS. You can add upto 2 DNS servers at a time:
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/960561/fortigate-dns-server
- Regarding the Internet not working if you are other 2 interfaces are getting DHCP ip from ISP, they also receive the route with distance 5. And Can you please check the static route you have created for that the default AD is 10 so that could be the reason it is not working.
- Please share the output of following:
get router info routing table details 0.0.0.0

DNB

zainnykaz · ‎04-30-2024

will it effect my other ISP connections ? Also have I configured the Static ISP IP correctly ? or is there any other way also ?

dbhavsar · ‎04-30-2024

Hi @zainnykaz ,

- It won't affect the other ISP, but new sessions will go through new Interface and existing sessions will not be affected. other way to set IP is through CLI:
https://help.fortinet.com/fdb/5-0-0/html/source/tasks/t_network_configuration_cli.html
- regarding the static IP you can double check with the ISP and what they provide the same you can use in the FortiGate interface configuration.

DNB

hbac · ‎04-30-2024

Hi @zainnykaz,

By default, default routes of dynamic wan interfaces have administrative distance of 5 and if your new static route has a higher administrative distance, it is not gonna work. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Note-Routing-behavior-depending-on-distance-an...

Administrative distances should be the same for all wan interfaces to work.

Regards,

alwis · ‎05-01-2024

Hi @zainnykaz

I believed your issue are related to Administrative Distance [AD], since your 2 of your ISP are using DHCP and it will use AD of 5. Since you have 3rd ISP and its static, by default fortigate will create AD of 10, you just need to change the AD of your 3rd ISP to be 5 so it will be install on the routing table.

Please verify again your routing table.

Alwis

Genobaseball10 · ‎05-01-2024

I would like to agree with everyone stating this is an Administrative Distance issue. Check your routing table in the CLI with "get router info routing-table all" and you'll see your routes along with their respective AD.

CCNA | FCP | CWNA

WAN DNS

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website