- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
- Fortinet Community
- Knowledge Base
- FortiGate
- FortiGate DNS queries can fail
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Not applicable
Created on 01-17-2007 12:00 AM
Article Id
196211
Article
| Description | If you do not change your FortiGate unit default DNS configuration, FortiGate-initiated DNS queries can fail. DNS queries that fail can cause address resolution problems and can also cause the FortiGate unit and FortiGuard AntiSpam to identify legitimate email as spam. |
| Components |
|
| Steps or Commands | ProblemFortiOS 3.0 on all FortiGate units includes a default DNS configuration. Most users should change this default configuration to avoid DNS lookup failures. The default FortiGate DNS configuration assists with resolving FortiGuard Service addresses and for other DNS requirements during the installation of your FortiGate unit. The default DNS servers are 65.39.139.53 and 65.39.139.63. In all releases of FortiOS 3.0, you can view the default DNS configuration on the FortiGate Web-based manager by going to System> Network> Options. SymptomThere is a common issue when continuing to use default DNS servers. FortiGuard AntiSpam and spam filtering features such as HELO DNS lookup and Return e-mail DNS check use DNS queries. If DNS queries used by these features fail while analyzing an email message, the email fails a reverse DNS check, even when it should pass. As a result, the FortiGate unit identifies the email as spam when it is not spam. Email identified as spam may be tagged or discarded by the FortiGate unit. SolutionChange the FortiGate unit DNS configuration. Go System> Network> Options and enter new primary and secondary DNS server IP addresses. Use the IP addresses of the DNS servers on your local network or the DNS servers recommended by your service provider. |
Labels:
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.