Guest SSID DNS not working | Fortinet Technical Discussion Forums

Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes
- Member List
- Online User List
- User Groups

Videos, Cookbook, KB

Mark Thread UnreadFlat Reading Mode ❐

Hot!Guest SSID DNS not working

Author Post Essentials Only Full Version
patrickwilson82 Bronze Member Total Posts : 38 Scores: 2 Reward points: 0 Joined: 2018/03/01 13:55:27 Status: offline 2018/09/14 10:20:04 (permalink) 0 Guest SSID DNS not working I have a FortiAP connected to my Fortigate that has two SSID's, an internal SSID and a Guest SSID. They were both set with my primary DNS server as their DNS server. Both the internal SSID and the internal LAN are working with no issues. Out of no where my DNS stopped working on the Guest SSID. The rep at Fortinet Support suggested I just use Google DNS for the DNS server on my SSID. Is this really an acceptable alternative? Is there anything I need to check for to try to get it working with my primary DNS? Nothing out of the ordinary is in event viewer under DNS. Thanks. #1 9 Replies Related Threads
wanglei_FTNT Bronze Member Total Posts : 53 Scores: 13 Reward points: 0 Joined: 2015/07/20 10:10:18 Status: offline Re: Guest SSID DNS not working 2018/09/14 11:32:15 (permalink) 0 You should be able to use your primary DNS server for both your internal and guest network Can you give little bit more info on this? 1) can client connected with guest SSID get right DNS server? Most likely yes but please do double-check 2) can client ping DNS server? If not, Is there any particular firewall rule etc to disallow this? 3) If client can ping but couldn't resolve domain name, you can check on FGT to see whether DNS traffic has hit FGT and been routed correctly #2
patrickwilson82 Bronze Member Total Posts : 38 Scores: 2 Reward points: 0 Joined: 2018/03/01 13:55:27 Status: offline Re: Guest SSID DNS not working 2018/09/14 12:36:45 (permalink) 0 When I do an ipconfig /all it does show that it's getting my DNS server. Client cannot ping the DNS server, and there is no rule set up to block this. #3
wanglei_FTNT Bronze Member Total Posts : 53 Scores: 13 Reward points: 0 Joined: 2015/07/20 10:10:18 Status: offline Re: Guest SSID DNS not working 2018/09/14 12:56:49 (permalink) 0 There are too many possibilities and I think our support should be able to help you narrow down. Even you don't have a rule to block it, you might need rule to allow the access from your guest network to DNS server network depending on your config. If it worked before and you haven't done any config/code change, it might not be configuration related. #4
rwpatterson Expert Member Total Posts : 8324 Scores: 185 Reward points: 0 Joined: 2006/08/08 10:08:18 Location: Long Island, New York, USA Status: online Re: Guest SSID DNS not working 2018/09/14 13:02:38 (permalink) 0 Perhaps a reboot is in order. It's a simple thing to do. It may do nothing, but you'll find out in two minutes as opposed to banging your head against the wall. Sometimes if the unit has been up for a really long time (<200 days or so), this may do some good. An upgrade at the same time may not be a bad idea while you're at it. -Bob - self proclaimed posting junkie! See my Fortigate related scripts at: http://fortigate.camerabob.com -4.3.19-b0694 FWF60B FWF80CM (4) FWF81CM (2) #5
patrickwilson82 Bronze Member Total Posts : 38 Scores: 2 Reward points: 0 Joined: 2018/03/01 13:55:27 Status: offline Re: Guest SSID DNS not working 2018/09/14 13:05:46 (permalink) 0 Are you talking a reboot of the Fortigate, or the AP? I've already done the AP. #6
patrickwilson82 Bronze Member Total Posts : 38 Scores: 2 Reward points: 0 Joined: 2018/03/01 13:55:27 Status: offline Re: Guest SSID DNS not working 2018/09/14 13:07:52 (permalink) 0 I may try contacting support again next week. Hopefully I will find someone who will have a better answer than to use Google DNS. Thank you! #7
patrickwilson82 Bronze Member Total Posts : 38 Scores: 2 Reward points: 0 Joined: 2018/03/01 13:55:27 Status: offline Re: Guest SSID DNS not working 2018/09/18 11:29:00 (permalink) 0 For anyone who is still following this, I found someone at Support who could help me. I needed to create a policy for my Guest SSID to LAN with my DNS server as the destination address. This allows me to use my DNS server on the Guest network while locking down my internal resources. #8
wanglei_FTNT Bronze Member Total Posts : 53 Scores: 13 Reward points: 0 Joined: 2015/07/20 10:10:18 Status: offline Re: Guest SSID DNS not working 2018/09/18 11:33:57 (permalink) 0 Thanks for the message and glad that it's working for you. #9
Ashu Gold Member Total Posts : 141 Scores: 12 Reward points: 0 Joined: 2015/04/17 04:33:45 Location: Muscat,Oman Status: offline Re: Guest SSID DNS not working 2018/09/18 11:39:02 (permalink) 0 Hi, This policy is mandatory to allow guest ssid subnet to reach your DNS behind LAN interface .My question is guest vlan is totally isolated from lan services so recommended to use external DNS if they do not access any of your internal services . Ashu #10

Jump to:

© 2019 APG vNext Commercial Version 5.5