Configuring Networking Options System Network
FortiGate Version 4.0 Administration Guide
146 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
DNS Servers
Several FortiGate functions use DNS, including alert email and URL blocking. You can
specify the IP addresses of the DNS servers to which your FortiGate unit connects. DNS
server IP addresses are usually supplied by your ISP.
You can configure FortiGate models numbered 100 and lower to obtain DNS server
addresses automatically. To obtain these addresses automatically, at least one FortiGate
unit interface must use the DHCP or PPPoE addressing mode. See “Configuring DHCP
on an interface” on page 130 or “Configuring an interface for PPPoE” on page 131.
FortiGate models 100 and lower can provide DNS Forwarding on their interfaces. Hosts
on the attached network use the interface IP address as their DNS server. DNS requests
sent to the interface are forwarded to the DNS server addresses that you configured or
that the FortiGate unit obtained automatically.
Dead gateway detection
Dead gateway detection periodically pings a ping server to confirm network connectivity.
Typically, the ping server is the next-hop router that leads to an external network or the
Internet. The ping period (Detection Interval) and the number of failed pings that is
considered to indicate a loss of connectivity (Fail-over Detection) are set in System >
Network > Options.
To apply dead gateway detection to an interface, you must configure a ping server for that
interface.
To add a ping server to an interface
1 Go to System > Network > Interface.
2 Choose an interface and select Edit.
3 Set Ping Server to the IP address of the next hop router on the network.
Obtain DNS server address
automatically
This option applies only to FortiGate models 100 and lower.
Select to obtain the DNS server IP address when DHCP is used on
an interface, also obtain the DNS server IP address. Available only
in NAT/Route mode. You should also enable Override internal DNS
in the DHCP settings of the interface. See “Configuring DHCP on an
interface” on page 130.
Use the following DNS
server addresses
This option applies only to FortiGate models 100 and lower.
Use the specified Primary DNS Server and Secondary DNS Server
addresses.
Primary DNS Server Enter the primary DNS server IP address.
Secondary DNS Server Enter the secondary DNS server IP address.
Local Domain Name Enter the domain name to append to addresses with no domain
portion when performing DNS lookups.
Enable DNS forwarding
from
This option applies only to FortiGate models 100 and lower
operating in NAT/Route mode.
Select the interfaces that forward DNS requests they receive to the
configured DNS servers.
Dead Gateway Detection Dead gateway detection confirms connectivity using a ping server
added to an interface configuration. For information about adding a
ping server to an interface, see “Dead gateway detection” on
page 146.
Detection Interval Enter a number in seconds to specify how often the FortiGate unit
pings the target.
Fail-over Detection Enter the number of times that the ping test fails before the FortiGate
unit assumes that the gateway is no longer functioning.
To Next Page
Loading...