DNS Filter | Fortinet Technical Discussion Forums

Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes
- Member List
- Online User List
- User Groups

Videos, Cookbook, KB

Mark Thread UnreadFlat Reading Mode ❐

Hot!DNS Filter

Author Post Essentials Only Full Version
AKrause Gold Member Total Posts : 210 Scores: 0 Reward points: 0 Joined: 2006/07/21 01:58:16 Location: Germany Status: offline 2018/09/13 01:41:21 (permalink) 0 DNS Filter We have recently upgraded to FortiOS 5.4.8 and want to use the DNS-Filter. I have configured a DNS-Filter and applied it to the corresponding firewall policy. Beside some Monitor or Block settings for some categories the DNS-Filter is configured to log all Domains. Where can I see the logs of the DNS-Filter? There is no DNS-Filter category on the Log & Report Section on the local FGT-1500D - nor can I find any logs on the connected FortiAnalyzer. #1 4 Replies Related Threads
SecurityPlus Gold Member Total Posts : 212 Scores: 4 Reward points: 0 Joined: 2014/08/11 18:41:34 Status: online Re: DNS Filter 2018/09/14 04:28:43 (permalink) 0 Under policy Optionshave you tried turning on Log: All Sessions? https://m.youtube.com/watch?v=fY4X4zRilyY FWF30E, FG50E, FWF50E, FG60D, FWF60D, FG80E, FG100D FortiOS 5.2, 5.4, 5.6, and 6.0 FAP-221E, FAP-221C #2
Prab Bronze Member Total Posts : 55 Scores: 4 Reward points: 0 Joined: 2017/12/04 01:30:25 Status: offline Re: DNS Filter 2018/09/17 08:09:35 (permalink) 0 AKrause We have recently upgraded to FortiOS 5.4.8 and want to use the DNS-Filter. I have configured a DNS-Filter and applied it to the corresponding firewall policy. Beside some Monitor or Block settings for some categories the DNS-Filter is configured to log all Domains. Where can I see the logs of the DNS-Filter? There is no DNS-Filter category on the Log & Report Section on the local FGT-1500D - nor can I find any logs on the connected FortiAnalyzer. FortiOS 5.6 In FortiManager you can view the domains under the *Log View -> DNS* section: And on the FGT's GUI under Log & Report -> DNS query sidenote: In this case the IPv4 policy to which DNS filter was assigned was configured to log the UTM (security events) logs only. Hope it helps! Thanks & regards, Prab Attached Image(s) #3
AKrause Gold Member Total Posts : 210 Scores: 0 Reward points: 0 Joined: 2006/07/21 01:58:16 Location: Germany Status: offline Re: DNS Filter 2018/09/17 23:30:54 (permalink) 0 Thanks for your replies. However we are running FOS 5.4 I raised a ticket at fortinet support. After a lot of ticket pingpong (show screenshots etc..) they finally got the solution: There is no DNS-Filter log in FortiOS 5.4 at all. Update to FortiOS 5.6 #4
Prab Bronze Member Total Posts : 55 Scores: 4 Reward points: 0 Joined: 2017/12/04 01:30:25 Status: offline Re: DNS Filter 2018/09/18 02:46:53 (permalink) 0 AKrause Thanks for your replies. However we are running FOS 5.4 I raised a ticket at fortinet support. After a lot of ticket pingpong (show screenshots etc..) they finally got the solution: There is no DNS-Filter log in FortiOS 5.4 at all. Update to FortiOS 5.6 Glad that the Support figured it out. There is something you could try, I am not sure if it will help: Are the clients using the FGT as a DNS? If yes, then you could try creating a normal IPv4 policy for it and log the traffic for this policy. I think in that case you shall see some logs for the DNS request/replies etc. #5

Jump to:

© 2018 APG vNext Commercial Version 5.5