Hi,
I need to set up a wildcard domain to get an internal file hosting server running. How can I go about this? I am using the DNS server in FortiGate 101E. When I tried to put a * in the hostname field when creating an A record, the UI says it is an invalid domain.
Any help or guidance will be much appreciated. Thank you.
I used the @ symbol for the field "Hostname" and it seems to have worked.
Hello Michael,
What are you trying to accomplish?
DNS does not support and is not intended to answer for a wildcard entry.
That works with certificates, but a * is not a valid A-record entry in any DNS server I know of.
I did some research and found this is indeed possible, although it will have expected adverse effects.
I don't think you can make the FortiGate respond to any query of a domain with the same IP address. This only makes sense in a captive portal environment (internal); that, however, is limited, as the FortiGate would have to respond not only to that one domain, but to ALL domains with the same IP for internal users.
Best regards,
Markus
Back to what another had previously commented on this ticket, re DNS specs.
Hm, this is FortiOS-specific behavior. Looks like Fortinet doesn't meet the DNS specs.
Basically, in a DNS zone it is definitely allowed to set a wildcard.
`* IN A <ip>` does always mean `*.domain.tld` (i.e. anything not matched by other A entries in the zone).
And no, this does not mean any domain in the world, as it is only valid in a zone. This means it is only valid for subdomains of the 2nd-level domain the zone is for.
I have the same problem now. AD and F5 DNS can do *. A records; now I need to do the same to rewrite a subzone for our development team's isolated environment, and it's a section that needs to use different DNS, so DNS-Server works great for this, all but for this one roadblock I've just hit.
Kind Regards,
Tim
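
Added example, not part of the original posts and not Fortinet's code: a minimal Python sketch of the in-zone wildcard matching described in the post above, following the closest-encloser rules of RFC 4592. The zone name, records and the `lookup_a` helper are constructed for illustration.

```python
# Constructed sample zone: an isolated development subzone with one wildcard.
ZONE = "dev.example.internal"
RECORDS = {
    "dev.example.internal": "10.0.0.1",
    "files.dev.example.internal": "10.0.0.10",
    "*.dev.example.internal": "10.0.0.20",       # wildcard A record
    "db.lab.dev.example.internal": "10.0.0.30",  # makes "lab" an existing node
}

def labels(name):
    """Split a domain name into a tuple of lowercase labels."""
    return tuple(name.lower().rstrip(".").split("."))

def lookup_a(qname, origin=ZONE, records=RECORDS):
    """Return the A record answer for qname, or None (NXDOMAIN/NODATA/not ours)."""
    q, o = labels(qname), labels(origin)
    if q[-len(o):] != o:
        return None  # outside the zone: the wildcard never applies here
    owners = {labels(n): ip for n, ip in records.items()}
    if q in owners:
        return owners[q]  # an explicit record always beats the wildcard

    def exists(name):
        # A name exists if it owns a record or is an ancestor of one
        # (an "empty non-terminal").
        return any(owner[-len(name):] == name for owner in owners)

    if exists(q):
        return None  # empty non-terminal: no data, and no wildcard synthesis
    # Walk up to the closest existing ancestor; only a wildcard directly
    # below that ancestor may answer.
    for i in range(1, len(q)):
        encloser = q[i:]
        if exists(encloser):
            return owners.get(("*",) + encloser)
    return None

if __name__ == "__main__":
    for name in ("files.dev.example.internal", "typo.dev.example.internal",
                 "a.b.dev.example.internal", "x.lab.dev.example.internal",
                 "www.example.com"):
        print(f"{name:32} -> {lookup_a(name)}")
```

Every otherwise unmatched name under the zone, including typos and multi-label names, resolves to the wildcard address, so the host behind it should expect requests for arbitrary hostnames.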