Jonathan_Body_FTNT
Article Id 190888

Description

This article explains how to override the DNS lookups for FortiGuard in FortiOS so that they are performed via a FortiManager instead.


Scope

FortiOS v4.0 and above.


Solution

By default in FortiOS, DNS lookups for FortiGuard are performed by the FortiGate itself. A service-override option is available that allows these DNS lookups to be performed by a FortiManager.

To configure this, connect to the CLI of the FortiGate and perform the following:

1. Enable the service-override for FortiGuard Services.
config system fortiguard
set hostname "service.fortiguard.net"
set srv-ovrd enable

2. Once the service-override has been enabled, an override server list becomes available. Create a server entry and enter the IP address of the FortiManager device.
config srv-ovrd-list
edit <index_int>
set addr-type {ipv6 | ipv4}
set ip <ovrd_ipv4> => IP address of FortiManager
set ip6 <ovrd_ipv6>
next
end
end
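To check the result on a device or in a configuration backup, the following added example (not Fortinet's code and not part of the original article) parses a constructed config system fortiguard block and reports when srv-ovrd is off or an override entry points at an address other than an approved FortiManager. The function names, the sample address and the treatment of an entry without addr-type as IPv4 are assumptions made for illustration.

```python
import ipaddress
# Constructed sample in the CLI syntax from this article (placeholder address).
SAMPLE_CONFIG = """\
config system fortiguard
    set srv-ovrd enable
    config srv-ovrd-list
        edit 1
            set addr-type ipv4
            set ip 192.0.2.10
        next
    end
end
"""
LIST_PATH = ["system fortiguard", "srv-ovrd-list"]

def parse_fortiguard(text):
    """Return (fortiguard settings, {index: entry settings}) from config text."""
    settings, servers, stack, entry = {}, {}, [], None
    for raw in text.splitlines():
        tok = raw.split() or [""]             # blank lines fall through
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] in ("end", "next"):
            entry = None                      # both close the current edit
            if tok[0] == "end" and stack:
                stack.pop()
        elif tok[0] == "edit" and stack == LIST_PATH and len(tok) > 1:
            entry = servers.setdefault(tok[1], {})
        elif tok[0] == "set" and len(tok) >= 3:
            if stack == LIST_PATH[:1]:
                settings[tok[1]] = tok[2].strip('"')
            elif stack == LIST_PATH and entry is not None:
                entry[tok[1]] = tok[2].strip('"')
    return settings, servers

def audit(text, approved):
    """Return findings; 'approved' holds the FortiManager addresses you expect."""
    settings, servers = parse_fortiguard(text)
    findings = [] if settings.get("srv-ovrd") == "enable" else ["srv-ovrd is not enabled"]
    ok = {ipaddress.ip_address(a) for a in approved}
    for idx, s in servers.items():
        key = "ip6" if s.get("addr-type") == "ipv6" else "ip"  # assumed default: ipv4
        try:
            addr = ipaddress.ip_address(s[key])
        except (KeyError, ValueError):
            findings.append(f"entry {idx}: no valid '{key}' for its addr-type")
            continue
        if addr not in ok:
            findings.append(f"entry {idx}: {addr} is not an approved FortiManager")
    return findings
```

An empty list from audit() means the override is enabled and every entry resolves to an address in the approved set.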

 

 
