Set internal interface as dns forwarder (on 8.8.8.8) for the client

mazzatore · ‎02-04-2019

Hi all

In my environment i want to configure the same ip for gateway and dns on all the clients

The ip is the internal interface ip.

My internal interface ip is 192.168.100.1, how can i configure the firewall in the way that all

the dns queries made by the clients on 192.168.100.1 will be forwarded to 8.8.8.8 ?

Thanks for support

mazzatore · ‎02-05-2019

No ideas guys?

andrewbailey · ‎02-05-2019

Mazzatore,

I'm a relative begineer with Fortigate but you requirement seems pretty easy and conventional. Here's what I would suggest you do:-

[ul]

As background, the Fortigate caches DNS qeurries locally (ie if it knows the answer to the DNS querry it wont check again until the cache timers expire. This improves perforamnce and user experience).

In your scenario set your system DNS settings to 8.8.8.8 (Google DNS server IP). You can add two DNS servers here so also add 8.8.4.4 (Google's second DNS server IP). This is set under "Network", "DNS". You should also specify IPv6 addresses if you are using them.

Under "Network", "DNS Servers" set up a DNS Server for each interface you are using. Specify the LAN port, set "Foward to System DNS" (for your use case) and add an optional DNS filter if you want.

For each LAN interface you want to use, under "Network", "Interfaces" select "Same as Interface IP" for both the "Gateway" and "DNS Server". These options are just above the "Advanced" section.

I hope you have already setup the interface config- under "Network", "Interfaces" you will need to set the interface address (manual, PPPoE or DHCP as you need) and set up a DHCP server if you need it.[/ul]

That should achieve what you want- gateway and DNS server the same as the interface IP. With DNS resolution via those google address.

Let me know if that helps you.

Kind Regards,

Andy.