DNS resolution FortiGate
DNS resolution not working when DNS Server configured to 'Same as Interface IP'
Deny: DNS error - Many entries "Deny:DNS Error" in Forward traffic log
DNS Error on Fortigate - Slow DNS resolution due to DNS Filter
DNS filter - A rating error occurs - all Fortiguard SDNS servers failed to respond
FortiGate DNS queries can fail



DNS 8.8.8.8

Local Internet Service Provider

dns

DNS Error" in Forward traffic log

Switch Interface 192.168.1.1 DNS

DNS Server Interface DNS

If you do not change your FortiGate unit default DNS configuration, FortiGate-initiated DNS queries can fail.
DNS queries that fail can cause address resolution problems and can also cause the FortiGate unit and FortiGuard AntiSpam to identify legitimate email as spam.


FortiOS on all FortiGate units includes a default DNS configuration. Most users should change this default configuration to avoid DNS lookup failures.

The default FortiGate DNS configuration assists with resolving FortiGuard Service addresses and for other DNS requirements during the installation of your FortiGate unit.






This article provides a solution to DNS resolution not working
when DNS Server is configured to "Same as Interface IP".

DNS resolution can be seen to fail.


Solution

Enable the DNS Database Feature.




Configure a DNS Server for the interface that DNS requests will be sent to.

Set the mode to "Forward to System DNS".






DNS resolution can now be seen to be successful.




:
https://kb.fortinet.com/kb/documentL...rnalID=FD40580
https://forum.fortinet.com/tm.aspx?m=148090
https://forum.fortinet.com/tm.aspx?m=157701
https://forum.fortinet.com/tm.aspx?m=155134
https://forum.fortinet.com/tm.aspx?m=157361
https://forum.fortinet.com/tm.aspx?m=139287

https://forum.fortinet.com/tm.aspx?m=138190