Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Server DNS Forwarder - Validating Error

Posted on 2014-04-22
4
Medium Priority
?
1,521 Views
Last Modified: 2014-05-05
Hi,

Just checking is it a norm if my ISP dns cannot be validated but it can return back the Server FQDN successfully. See picture below.

DNS Forwarder
I have 2 ISP static fibre broadband. First one is provide by Singtel and another one is Starhub.

When my server is connected to internet with the Singtel, it can validate the Singtel dns with no problem but will not be able to validate the dns provided by Starhub.

If my server is connected to internet with the Starhub, it can validate both Starhub and Singtel dns with no problem.

Does it have anything to do with my Fortigate 100D Firewall?
0
Comment
Question by:hlmarine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 19

Accepted Solution

by:
Miguel Angel Perez Muñoz earned 1500 total points
ID: 40014202
Some ISP block some external traffic by "security reasons". I have a case on Mexico, Telmex blocks SMTP traffic to all DSL clients, only way is use SMTP relay provided by ISP. Ask to your ISP to resolve your question.
0
 
LVL 17

Expert Comment

by:Sajid Shaik M
ID: 40014269
in your scenario when u have a fortigate 100 D firewall why are u pointing forwarders to dns...

the best practice is terminate both  networks on fortigate and create lan on lan add your local DNS and the interface with DNS round robins... so the external dns request will go through  the fortigate... which will scan the network packets reaching to your network over internet.


any how..

check the pinging of both dns ip's from the DNS server...

if not pinging check the icmp setting and firewall setting in the fortigate..
0
 

Author Comment

by:hlmarine
ID: 40014417
Hi Shaik,

Do you mean under my Fortigate DNS, I set the Primary DNS for Singtel and Secondary DNS for Starhub?
0
 
LVL 17

Expert Comment

by:Sajid Shaik M
ID: 40014489
let me explain you...

in most common scenarios may be in your scenario... the fortigate 100 D will act as default gateway...

on fortigate u have terminated internet connection from singtel on one port ... and star hub link on another port of fortigate 100 D.

on the fortigate 100 D u have 1 or some Lan ports configured for LAN access.

in this scenario all local Lan traffic Dns is pointing to your AD Dns or Domain Dns...
that's fine ...

and internet traffic from both ports are nat to your network.

if this is your scenario...

fortigate 100 D is having built in DNS forwarding feature no need to do the dons forwarder on the DNS server.

all the requests are going through the gateway so let gateway to decide... and its the best practice in security reason...

check the guide for the setup..

http://kb.fortinet.com/kb/documentLink.do?externalID=FD32065

all the best
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Why do some people recommend buying business VoIP from an ISP? What are the benefits to my company? What are the costs?
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question