Hello,
I would like to forward all DNS queries on my network through a safer DNS server like 9.9.9.9. This is the current configuration: my DHCP server is the FortiGate, and it is directed to a DNS server on my network. I would like to keep the DNS server as it is, but instead of sending the queries to my ISP's DNS server I want them to run through the Quad9 DNS server. Any ideas?
Create a VIP which redirects (destination NAT) your ISP's DNS address to quad9.
external address: 1.2.3.4 (your ISP's DNS)
mapped-to: 9.9.9.9
no port forwarding.
Then, create a policy
from LAN
to WAN
src addr LAN/24
dest addr: this_VIP
service: DNS
and query with "nslookup" from a host.
I use this to reduce NTP queries by redirecting them to the FGT LAN interface, and using the FGT as NTP server. Sometimes this is easier than walking around and changing so many devices...
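The VIP and policy from the reply above, written out as FortiOS CLI. This is an added example, not part of the original post: the object names, the interface names `lan` and `wan1`, the 192.168.1.0/24 subnet and `set nat enable` are assumptions, and 1.2.3.4 is the post's stand-in for the ISP's DNS address. The `#` lines are annotations; leave them out when pasting.

```fortios
# Destination NAT: queries addressed to the ISP resolver are rewritten to Quad9.
# No "set portforward enable", so all ports map 1:1 ("no port forwarding").
config firewall vip
    edit "isp-dns-to-quad9"
        # assumed object name
        set extip 1.2.3.4
        set mappedip "9.9.9.9"
        # "any" so the VIP matches traffic arriving on the LAN side
        set extintf "any"
    next
end

# Address object for the LAN source range (assumed subnet).
config firewall address
    edit "LAN_subnet"
        set subnet 192.168.1.0 255.255.255.0
    next
end

# Policy from LAN to WAN that uses the VIP as destination, DNS service only.
config firewall policy
    edit 0
        set name "redirect-dns-quad9"
        # assumed interface names
        set srcintf "lan"
        set dstintf "wan1"
        set srcaddr "LAN_subnet"
        set dstaddr "isp-dns-to-quad9"
        set action accept
        set schedule "always"
        # predefined service object (port 53)
        set service "DNS"
        # assumed: LAN uses private addresses and needs source NAT
        set nat enable
    next
end
```

Only queries addressed to 1.2.3.4 on port 53 are redirected; DNS sent to any other resolver address does not match this VIP.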