Fortinet Document Library

Version:


Table of Contents

New Features

6.2.0
Download PDF
Copy Link

DNS - Add DNS Translation to DNS Profile

DNS translation has moved to the DNS profile configuration, allowing different translations to be applied on a per-policy basis. Prior to 6.2, this was a single table outside of the profile.

DNS filter dns-translation enforces what 'a record' (IP address) in a DNS reply will be translated into another IP address, which allows you to control the DNS resolve result.

To configure a DNS filter using the GUI:
  1. Go to Security Profiles > DNS Filter.
  2. Enable DNS Translation, configure as follows, and click Appy:

  3. Apply the DNS filter profile to the firewall policy.
To configure a DNS filter using the CLI:
  1. Enable dns-translation:

    config dnsfilter profile

    edit "<dns-filter-profile>"

    ......

    config dns-translation

    edit 1

    set src 93.184.216.34

    set dst 10.1.100.99

    set netmask 255.255.255.255

    next

    end

    end

DNS - Add DNS Translation to DNS Profile

DNS translation has moved to the DNS profile configuration, allowing different translations to be applied on a per-policy basis. Prior to 6.2, this was a single table outside of the profile.

DNS filter dns-translation enforces what 'a record' (IP address) in a DNS reply will be translated into another IP address, which allows you to control the DNS resolve result.

To configure a DNS filter using the GUI:
  1. Go to Security Profiles > DNS Filter.
  2. Enable DNS Translation, configure as follows, and click Appy:

  3. Apply the DNS filter profile to the firewall policy.
To configure a DNS filter using the CLI:
  1. Enable dns-translation:

    config dnsfilter profile

    edit "<dns-filter-profile>"

    ......

    config dns-translation

    edit 1

    set src 93.184.216.34

    set dst 10.1.100.99

    set netmask 255.255.255.255

    next

    end

    end