Hi all,
I want to configure the following:
Use the Fortigate as DNS server.
When a user enters a specific text(eg:acceptance.location) in the URL/Domain like 'test.acceptance.location.company.com' i want the DNS request forwarded to a group of DNS servers(1.1.1.1/1.1.1.2/1.1.1.3).
When a users enters a specific text(eg:production.location) in the URL/Domain like 'test.production.location.company.com' i want the DNS request forwarded to a group of DNS servers(2.2.2.1/2.2.2.2/2.2.2.3).
Is this possible on our Fortigate V6.0.0?
Kind regards,
Gerk
Hi all,
No one got a clue if this works or how to solve this?
Thanks!
Gerk
As far as I am aware, this is done on the DNS server with zones. I'm not aware of any mechanism on a Fortigate that would do this. One DNS server would forward requests to the second. (actually it would act as a slave and use records from the primary)
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
if a DNS is not authoritative for a domain (i.e. it does not have a zone for it at all) it will ask the root dns servers who is authoritative and then forward the request to it. This is standard DNS protocoll.
If the root dns dont know that domain too it will state "NXDOMAIN" (i.e. doesn't exist/cannot be resolved).
if it is authortiative (i.e. it has a zone for the domain) it will use the information in its zone to resolve it.
FortiGate's DNS Server can manage zones.
However you cannot afaik forward DNS Traffic specific for a domain. DNS Forward will only forward all.
Maybe you could do it with a policy that only allows DNS for domain #1 to the correct server. But I never tried that, so not sure if it would work...
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Hi all,
Thanks for your answers.
This seems what i'm look for:
DNS Request Routing - https://community.sophos.com/kb/en-us/123099
Thanks!
Gerk
yes it probably is. Am just not sure if this is supported by FortiOS...
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.