DNS traffic in NGFW policy-mode

DNS traffic in NGFW policy-mode

FortiOS has an option to enable the creation of an implicit policy to allow DNS traffic.

Certain Application Control profiles may not work properly if DNS traffic is not allowed. Enabling theimplicitallow-dns option adds an implicit policy to allow the DNS traffic. This policy is situated in the policy sequence Deny policies

just above the implicit deny policy. Since this is a config system settings command, this option can be enabled per VDOM.


config system settings set implicit-allow-dns {enable|disable} end

Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Don't Forget To Buy Your Fortinet Hardware From The Fortinet GURU