Fortinet 100A User Manual

System network

Zone settings

FortiGate-100A Administration Guide

01-28007-0068-20041203

61

DNS

Several FortiGate functions, including Alert E-mail and URL blocking, use DNS. You
can add the IP addresses of the DNS servers to which your FortiGate unit can
connect. DNS server IP addresses are usually supplied by your ISP.

You can configure primary and secondary DNS server addresses, or you can
configure the FortiGate unit to obtain DNS server addresses automatically. To obtain
addresses automatically, at least one interface must use the DHCP or PPPoE
addressing mode. See

“DHCP” on page 50

. See

“PPPoE” on page 51

.

If you enable DNS Forwarding on an interface, hosts on the attached network can use
the interface IP address as their DNS server. DNS requests sent to the interface are
forwarded to the DNS server addresses you configured or that the FortiGate unit
obtained automatically.

Figure 11: DNS

To add DNS server IP addresses

1

Go to System > Network > DNS.

2

Change the primary and secondary DNS server IP addresses as required.

3

Select Apply to save the changes.

Obtain DNS server
address automatically

When DHCP is used on an interface, also obtain the DNS server IP

address. Available only in NAT/Route mode. You should also enable

Override internal DNS in the DHCP settings of the interface. See

“DHCP” on page 50

.

Primary DNS Server

Enter the primary DNS server IP address.

Secondary DNS Server Enter the secondary DNS server IP address.
Enable DNS
forwarding from

Enable the check boxes of the interfaces to which DNS Forwarding

applies. Available only in NAT/Route mode.