Technical Tip: Disable the DNS override in the AWS instance

heng · ‎06-10-2021

Description
This article describes how to configure and disable the DNS override in the FortiAnalyzer/FortiManager based AWS instance, where the DNS server IP address will be assigned by AWS by default.

Scope
For FortiAnalyzer and FortiManager AWS.

Solution
By default, DNS assignment will be by AWS.
User will encounter approximately every 20 minutes, whereby the AWS will try to reset any custom DNS server IP addresses to set back to the default AWS DNS server IP (the IP addressing scheme depends on the region where the user is).

Below is 10.0.02 by AWS.

date="2021-06-10" time="14:22:45" id=6972046890082762752 bid=100046 dvid=1059 itime=1623306165 euid=1 epid=1 dsteuid=1 dstepid=1 log_id="0001010026" subtype="system" type="event" level="notice" time="14:22:45" date="2021-06-10" user="admin" cli_act=0 cmd_from=0 path="system.dns" userfrom="GUI(103.253.105.204)" desc="CLI execution info" session_id=26449 operation="edit" performed_on="GUI(103.253.105.204)" changes="path=system.dns,act=edit,primary=8.8.8.8(10.0.0.2),secondary=8.8.4.4(0.0.0.0)" devid="FAZ-VMTM19-----9" devname="FAZ-VMTM19-----9"

date="2021-06-10" time="14:43:59" id=6972052361871097856 bid=100153 dvid=1059 itime=1623307439 euid=1 epid=1 dsteuid=1 dstepid=1 log_id="0001010026" subtype="system" type="event" level="notice" time="14:43:59" date="2021-06-10" user="daemon_admin" cli_act=0 cmd_from=0 path="system.dns" userfrom="system" desc="CLI execution info" session_id=0 operation="edit" performed_on="system" changes="path=system.dns,act=edit,primary=10.0.0.2(8.8.8.8),secondary=0.0.0.0(8.8.4.4)" devid="FAZ-VMTM19-----9" devname="FAZ-VMTM19-----9"

It is possible to run the following command to disable the override in the instance from GUI.

# config sys interface
edit port1
set dns-server-override disable
end