Created on 09-19-2011 04:48 AM Edited on 04-06-2022 10:55 AM By Anonymous
Description
This article explains how to override DNS lookup's for FortiGuard in FortiOS and point to DNS lookup's for FortiGuard via FortiManager.
Scope
FortiOS v4.0 and above.
Solution
In FortiOS by default, DNS lookup's for FortiGuard are performed via the FortiGate. A service-override service is available allowing these DNS lookup's to be performed by a FortiManager.
To configure the connect to the CLI of the FortiGate, perform the following:
1. Enable the service-override for FortiGuard Services.
config system fortiguard
set hostname "service.fortiguard.net"
set srv-ovrd enable
2. An override server list menu will be available once the service-override has been enabled, create a server entry and enter the IP of the FortiManager device.
config srv-ovrd-list
edit <index_int>
set addr-type {ipv6 | ipv4}
set ip <ovrd_ipv4> => IP address of FortiManager
set ip6 <ovrd_ipv6>
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.