System Network Configuring FortiGate DNS services
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 207
http://docs.fortinet.com/ • Feedback
5 Configure the hosts on the internal network to use the FortiGate interface as their DNS
server.
If you are also using a FortiGate DHCP server to configure the hosts on this network,
add the IP address of the FortiGate interface to the DNS Server IP address list.
To configure a FortiGate interface to relay DNS requests to external DNS servers
Configure a FortiGate interface to relay DNS requests to the DNS servers configured for
the FortiGate unit under System > Network > Options.
1 Go to System > Network > Options and add the IP addresses of a Primary and
Secondary DNS server.
These should be the DNS servers provided by your ISP or other public DNS servers.
The FortiGate unit uses these DNS servers for its own DNS lookups, and they can also
be used to supply DNS lookups for your internal networks. See “Configuring Networking
Options” on page 204.
2 Go to System > Network > Interface and edit the interface connected to a network that
you want the FortiGate unit to be a DNS server for.
3 Select Enable DNS Query and select Recursive.
The interface is configured to look up domain names in the FortiGate DNS database
and relay the requests for names not in the FortiGate DNS database to the DNS
servers configured under System > Network > Options. If you do not add entries to the
FortiGate DNS database, all DNS requests are relayed to the DNS servers configured
under System > Network > Options.
4 Configure the hosts on the internal network to use the FortiGate interface as their DNS
server.
If you are also using a FortiGate DHCP server to configure the hosts on this network,
add the IP address of the FortiGate interface to the DNS Server IP address list.
To configure a FortiGate interface to resolve DNS requests using only the FortiGate
DNS database
Configure a FortiGate interface to resolve DNS requests using the FortiGate DNS
database and to drop requests for host names that are not in the FortiGate DNS database.
1 Go to System > Network > Options and add the IP addresses of a Primary and
Secondary DNS server.
These should be the DNS servers provided by your ISP or other public DNS servers.
The FortiGate unit uses these DNS servers for its own DNS lookups, and they can also
be used to supply DNS lookups for your internal networks. See “Configuring Networking
Options” on page 204.
2 Go to System > Network > Interface and edit the interface connected to a network that
you want the FortiGate unit to be a DNS server for.
3 Select Enable DNS Query and select Non-Recursive.
When you select Non-Recursive, only the entries in the FortiGate DNS database are
used.
4 Go to System > Network > DNS Database and configure the FortiGate DNS database.
Add zones and entries as required. See “Configuring the FortiGate DNS database” on
page 208.
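
An added example, not from the Fortinet guide: a client-side check, run from a host on the internal network, that the interface behaves as the Recursive or Non-Recursive setting in the two procedures above describes. The interface IP address and host names are hypothetical, and the check assumes one name is in the FortiGate DNS database and the other is not.

```python
import socket
import struct

QID = 0x4647  # arbitrary query ID (constructed)

def build_query(name, qid=QID):
    """Encode a standard A/IN query with the RD (recursion desired) bit set."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def summarize(reply, qid=QID):
    """Return (rcode, answer_count) from the 12-byte header of a DNS reply."""
    if len(reply) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != qid or not flags & 0x8000:  # ID must match and QR bit must be set
        raise ValueError("not a response to our query")
    return flags & 0x000F, answers

def probe(server, name, timeout=3.0):
    """Send one query to server:53; return 'answered', 'rcode=N' or 'dropped'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server, 53))
        try:
            reply, _ = sock.recvfrom(512)
        except socket.timeout:
            return "dropped"  # no reply within the timeout
    rcode, answers = summarize(reply)
    return "answered" if rcode == 0 and answers else "rcode=%d" % rcode

def classify(db_name_result, other_name_result):
    """Map two probe results onto the interface behaviour the guide describes."""
    if other_name_result == "answered":
        return "recursive"        # names outside the DNS database are relayed
    if db_name_result == "answered" and other_name_result == "dropped":
        return "non-recursive"    # only DNS database entries are used
    return "inconclusive"         # DNS query disabled, unreachable, or other error

if __name__ == "__main__":
    # Hypothetical values: replace with your interface IP and host names.
    fgt = "192.168.1.99"
    in_db = probe(fgt, "intranet.example.internal")  # assumed to be in the DNS database
    other = probe(fgt, "www.example.com")            # assumed NOT in the DNS database
    print(in_db, other, classify(in_db, other))
```

A "dropped" result for the second name can also mean the upstream DNS servers are unreachable, so confirm the outcome against the interface setting.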