System Network Network Options
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102 89
DNS Servers
Several FortiGate functions use DNS, including alert email and URL blocking. You
can specify the IP addresses of the DNS servers to which your FortiGate unit
connects. DNS server IP addresses are usually supplied by your ISP.
You can configure FortiGate models numbered 100 and lower to obtain DNS
server addresses automatically. To obtain these addresses automatically, at least
one FortiGate unit interface must use the DHCP or PPPoE addressing mode. See
“Configuring DHCP on an interface” on page 78 or “Configuring an interface for
PPPoE or PPPoA” on page 80.
FortiGate models 100 and lower can provide DNS Forwarding on their interfaces.
Hosts on the attached network use the interface IP address as their DNS server.
DNS requests sent to the interface are forwarded to the DNS server addresses
that you configured or that the FortiGate unit obtained automatically.
Dead gateway detection
Dead gateway detection periodically pings a ping server to confirm network
connectivity. Typically, the ping server is the next-hop router that leads to an
external network or the Internet. The ping period (Detection Interval) and the
number of failed pings that is considered to indicate a loss of connectivity (Fail-
over Detection) are set in System > Network > Options.
To apply dead gateway detection to an interface, you must configure a ping server
on it.
To add a ping server to an interface
1 Go to System > Network > Interface.
2 Choose an interface and select Edit.
3 Set Ping Server to the IP address of the next hop router on the network connected
to the interface.
4 Select the Enable check box.
5 Select OK to save the changes.
Enable DNS forwarding from This option applies only to FortiGate models 100 and
lower operating in NAT/Route mode.
Select the interfaces that forward DNS requests they
receive to the DNS servers that you configured.
Dead Gateway Detection Dead gateway detection confirms connectivity using a
ping server added to an interface configuration. For
information about adding a ping server to an interface, see
“Dead gateway detection” on page 89.
Detection Interval Enter a number in seconds to specify how often the
FortiGate unit pings the target.
Fail-over Detection Enter the number of times that the ping test fails before
the FortiGate unit assumes that the gateway is no longer
functioning.
To Next Page
Loading...
Need help?
General