Fortinet black logo

Administration Guide

Home FortiRecorder 7.0.3 Administration Guide
7.0.3
7.2.0
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.0
6.0.0
2.7.2
2.7.1
2.7.0
2.6.0

Configuring DNS settings

Configuring DNS settings

FortiRecorder appliances require connectivity to DNS servers for DNS lookups. The appliance will query the DNS servers whenever it needs to resolve a domain name into an IP address.

To configure DNS settings

Note

If you will use the settings DHCP and Retrieve default gateway and DNS from server when you configure your network interfaces, skip this — DNS is configured automatically.

  1. Log in to the admin administrator account.

    Other accounts might not have permissions necessary to change this setting.

  2. Go to System > Network > DNS.

  3. Enter the IP addresses of a primary and secondary DNS server.

    Your Internet service provider (ISP) might provide IP addresses of DNS servers, or you might want to use the IP addresses of your own DNS servers.

    Note

    Incorrect DNS settings or unreliable DNS connectivity can cause issues with other features, including the NTP system time. For improved performance, use DNS servers on your local network.
  4. Click Apply.

  5. To verify your DNS settings, in the CLI, enter the following commands:

    execute traceroute www.fortinet.com
    Note

    DNS tests may not succeed if you have not yet configured routes. See also Configuring routing.

  6. If the DNS query for the domain name succeeds, you should see results that indicate that the host name resolved into an IP address, and the route from FortiRecorder to that IP address:

    traceroute to www.fortinet.com (192.0.43.10), 30 hops max, 60 byte packets
    1  172.20.130.2 (172.20.130.2)  0.426 ms  0.238 ms  0.374 ms
    2  static-209-87-254-221.storm.ca (209.87.254.221)  2.223 ms  2.491 ms  2.552 ms
    3  core-g0-0-1105.storm.ca (209.87.239.161)  3.079 ms  3.334 ms  3.357 ms
    ...
    16  43-10.any.icann.org (192.0.43.10)  57.243 ms  57.146 ms  57.001 ms

    If the DNS query fails, you will see an error message such as:

    www.fortinet.com: Temporary failure in name resolution
    Cannot handle "host" cmdline arg `www.fortinet.com' on position 1 (argc 3)

    Verify your DNS server IP address, routing, and that your firewalls or routers do not block or proxy UDP port 53.

Previous
Next

Configuring DNS settings

FortiRecorder appliances require connectivity to DNS servers for DNS lookups. The appliance will query the DNS servers whenever it needs to resolve a domain name into an IP address.

To configure DNS settings

Note

If you will use the settings DHCP and Retrieve default gateway and DNS from server when you configure your network interfaces, skip this — DNS is configured automatically.

  1. Log in to the admin administrator account.

    Other accounts might not have permissions necessary to change this setting.

  2. Go to System > Network > DNS.

  3. Enter the IP addresses of a primary and secondary DNS server.

    Your Internet service provider (ISP) might provide IP addresses of DNS servers, or you might want to use the IP addresses of your own DNS servers.

    Note

    Incorrect DNS settings or unreliable DNS connectivity can cause issues with other features, including the NTP system time. For improved performance, use DNS servers on your local network.
  4. Click Apply.

  5. To verify your DNS settings, in the CLI, enter the following commands:

    execute traceroute www.fortinet.com
    Note

    DNS tests may not succeed if you have not yet configured routes. See also Configuring routing.

  6. If the DNS query for the domain name succeeds, you should see results that indicate that the host name resolved into an IP address, and the route from FortiRecorder to that IP address:

    traceroute to www.fortinet.com (192.0.43.10), 30 hops max, 60 byte packets
    1  172.20.130.2 (172.20.130.2)  0.426 ms  0.238 ms  0.374 ms
    2  static-209-87-254-221.storm.ca (209.87.254.221)  2.223 ms  2.491 ms  2.552 ms
    3  core-g0-0-1105.storm.ca (209.87.239.161)  3.079 ms  3.334 ms  3.357 ms
    ...
    16  43-10.any.icann.org (192.0.43.10)  57.243 ms  57.146 ms  57.001 ms

    If the DNS query fails, you will see an error message such as:

    www.fortinet.com: Temporary failure in name resolution
    Cannot handle "host" cmdline arg `www.fortinet.com' on position 1 (argc 3)

    Verify your DNS server IP address, routing, and that your firewalls or routers do not block or proxy UDP port 53.

Previous
Next