Administration Guide

Create or edit a DNS translation entry

This setting lets you translate a DNS-resolved IP address to another IP address that you specify, on a per-policy basis.

For example, website A has a public address of 1.2.3.4, but when your internal network users visit this website, you want them to connect to the internal host 192.168.3.4. You can use DNS translation to translate the DNS-resolved address 1.2.3.4 to 192.168.3.4. DNS translation can also be used in the reverse direction. For example, if you want a public DNS query for your internal server to return a public IP address, you can translate a DNS-resolved private IP address to a public IP address.

To create a DNS translation entry:
  1. Go to Security Profiles > DNS Filter and enable DNS Translation.

  2. In the DNS Translation table, select Create New. The New DNS Translation window opens.

  3. Select the type of IP address to translate, either IPv4 or IPv6.

  4. In the Original Destination field, enter the domain's original IP address.

  5. In the Translation Destination field, enter the IP address that you want used instead of the original IP address.

  6. Enter the network mask.

  7. Enable or disable the status.

  8. Click OK to save the DNS translation entry.

  9. Click OK to save the DNS filter profile.

To edit a DNS translation entry:
  1. Go to Security Profiles > DNS Filter and enable DNS Translation.

  2. In the DNS Translation table, double-click on an entry or select an entry and then click Edit in the toolbar.

  3. Edit the settings as required.

  4. Click OK to save the DNS translation entry.

  5. Click OK to save the DNS filter profile.
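The following added example (not Fortinet code) models in Python how a table of DNS translation entries would rewrite resolved addresses, so you can check expected results before saving a profile. It assumes the network mask selects which leading bits are replaced while the host bits of the resolved address are kept; the `Entry` class, the `translate` function and all sample addresses other than 1.2.3.4 and 192.168.3.4 are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Entry:
    original: str         # Original Destination field
    translated: str       # Translation Destination field
    mask: str             # network mask (IPv4 dotted mask or a prefix length)
    enabled: bool = True  # status


def translate(resolved: str, entries: list) -> str:
    """Return the address a client would receive for a DNS-resolved IP.

    Assumption: bits covered by the mask are taken from the translation
    destination, and the remaining host bits from the resolved address.
    """
    ip = ipaddress.ip_address(resolved)
    for e in entries:
        src = ipaddress.ip_interface(f"{e.original}/{e.mask}")
        dst = ipaddress.ip_interface(f"{e.translated}/{e.mask}")
        # Skip disabled entries and entries of the other address family.
        if not e.enabled or src.version != ip.version:
            continue
        if ip in src.network:
            host_bits = int(ip) & int(src.network.hostmask)
            new = int(dst.network.network_address) | host_bits
            return str(type(ip)(new))  # keep IPv4 or IPv6 type
    return resolved  # no entry matched: the answer is left unchanged


# Constructed sample table; the first entry is the example from this page.
TABLE = [
    Entry("1.2.3.4", "192.168.3.4", "255.255.255.255"),
    Entry("203.0.113.0", "10.20.30.0", "255.255.255.0"),
    Entry("198.51.100.7", "10.0.0.7", "255.255.255.255", enabled=False),
    Entry("2001:db8::10", "fd00::10", "128"),
]

if __name__ == "__main__":
    for addr in ("1.2.3.4", "203.0.113.77", "198.51.100.7",
                 "2001:db8::10", "8.8.8.8"):
        print(f"{addr:>14} -> {translate(addr, TABLE)}")
```
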
