New Contributor II

Wildcard DNS A record



I need to set up a wildcard domain to get an internal file hosting server running. How can I go about this? I am using the DNS server in FortiGate 101E. When I tried to put a * in the hostname field when creating an A record, the UI says it is an invalid domain.


Any help or guidance will be much appreciated. Thank you.


Yes "*" is indeed an invalid domain since that would mean every domain in the whole world :)


I guess what you want is something like "any subdomain" of your domain.

I'd try to set this as FQDN... however, up to now I have never needed this on a FGT DNS, so I cannot say for sure.


"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

New Contributor



I have the same problem. How do I add all subdomains in one record?

Esteemed Contributor III

1st, no such thing exists as a DNS RR for a "wildcard" domain in our FortiOS appliances.

2nd, what specifically are you trying to do? And why do you think you need it?

I have seen a lot of misuse of the "wildcard" A record, and it will screw up search engines.


just my 2cts







PCNSE NSE StrongSwan
New Contributor

I need to make an A-record that will look at one IP from several sub-domains. For example * = 192.168.x.x

New Contributor

I have the same problem. It is a very serious problem for me. My case is:

We have 3 servers that dynamically generate web servers (Kubernetes-stand) for testing the product. Each web server has a unique name (subdomain) and is located on one of three servers.

As a result, when I change the MikroTik to FortiGate I cannot send developers to the desired web server.


Was there a resolution for this?


Hm, this is FortiOS-specific behavior. Looks like Fortinet doesn't meet the DNS specs.

Basically, in a DNS zone it is definitely allowed to set a wildcard.


* IN A <ip>  does always mean *.domain.tld (i.e. anything not matched by other A entries in the zone).


And no, this does not mean any domain in the world, as it is only valid in a zone. This means it is only valid for subdomains of the 2nd-level domain the zone is for.

Edit: looking at your screenshot again: you cannot enter a wildcard as host! What you want is the wildcard in the FQDN field!


"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

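The zone-scoped wildcard matching described in the post above, as an added example that is not part of any forum post and is not FortiOS code. It follows the RFC 4592 rules and goes slightly beyond the post by also covering existing names without an A record and empty non-terminals; the zone name, hosts and addresses are constructed sample data.

```python
# Constructed sample zone: names and addresses are illustrative only.
ZONE = "lab.example"
RECORDS = {  # owner name -> {record type: value}
    "lab.example": {"A": "192.168.10.1"},
    "*.lab.example": {"A": "192.168.10.50"},
    "files.lab.example": {"A": "192.168.10.20"},
    "mail.lab.example": {"MX": "10 files.lab.example"},
    "db.k8s.lab.example": {"A": "192.168.10.30"},  # makes k8s.lab.example exist
}


def _labels(name):
    return name.lower().rstrip(".").split(".")


def _existing_names():
    """Names that exist in the zone, including empty non-terminals."""
    depth = len(_labels(ZONE))
    names = set()
    for owner in RECORDS:
        labels = _labels(owner)
        for i in range(len(labels) - depth + 1):
            names.add(".".join(labels[i:]))
    return names


def resolve(qname, rrtype="A"):
    """Return (status, value, source) for a query against the zone."""
    labels, zone = _labels(qname), _labels(ZONE)
    if labels[-len(zone):] != zone:
        return ("REFUSED", None, None)  # outside the zone: no wildcard
    qname, existing = ".".join(labels), _existing_names()
    if qname in existing:
        # An existing name never falls through to the wildcard, even if
        # it has no record of the requested type (NODATA).
        value = RECORDS.get(qname, {}).get(rrtype)
        return ("NOERROR", value, "exact" if value else None)
    # Closest encloser: the longest ancestor of qname that exists.
    encloser = next(".".join(labels[i:]) for i in range(1, len(labels))
                    if ".".join(labels[i:]) in existing)
    wildcard = RECORDS.get("*." + encloser)
    if wildcard is None:
        return ("NXDOMAIN", None, None)  # e.g. x.k8s.lab.example
    value = wildcard.get(rrtype)
    return ("NOERROR", value, "wildcard" if value else None)

if __name__ == "__main__":
    for q in ("files.lab.example", "pr-1234.lab.example", "x.k8s.lab.example"):
        print(q, resolve(q))
```

With a wildcard in place, every unregistered name under the zone (typos and stale hostnames included) resolves to the wildcard target instead of returning NXDOMAIN, which is worth accounting for on whatever host sits behind that address.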
New Contributor

The FQDN field is not editable. Wildcard is a valid host in most DNS platforms. Feels like an oversight when creating the DNS server module tbh.

New Contributor

What is going on here? Is there a solution? I also miss an option to insert an A record for the complete domain, not only the * option like for:

