DNS traffic in NGFW policy-mode
FortiOS has an option to enable the creation of an implicit policy to allow DNS traffic.
Certain Application Control profiles may not work properly if DNS traffic is not allowed. Enabling the implicit-allow-dns option adds an implicit policy to allow the DNS traffic. This policy is situated in the policy sequence just above the implicit deny policy. Since this is a config system settings command, this option can be enabled per VDOM.
CLI
config system settings
    set implicit-allow-dns {enable|disable}
end