DNS traffic in NGFW policy-mode
DNS traffic in NGFW policy-mode
FortiOS has an option to enable the creation of an implicit policy to allow DNS traffic.
Certain Application Control profiles may not work properly if DNS traffic is not allowed. Enabling theimplicitallow-dns option adds an implicit policy to allow the DNS traffic. This policy is situated in the policy sequence Deny policies
just above the implicit deny policy. Since this is a config system settings command, this option can be enabled per VDOM.
CLI
config system settings set implicit-allow-dns {enable|disable} end
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!
Don't Forget To visit the YouTube Channel for the latest Fortinet Training Videos and Question / Answer sessions!
- FortinetGuru YouTube Channel
- FortiSwitch Training Videos
Cybersecurity Videos and Training Available Via: Office of The CISO Security Training Videos
Leave a Reply