Re: DNS Web Filtering Requires Using Fortinet DNS Servers?
My experience with this is that it just needs to be an external DNS server. If you use internal, it won't hit the firewall to run the policy. Then you need the rule to have the DNS port. So I tested various web filtering policies and the DNS policy didn't kick in, but that's because the rules only had HTTP(S). I made a separate rule with only DNS going to 22.214.171.124, and applied the DNS filtering policy and the policy worked.