Posts

Showing posts from September, 2015

Unable to obtain internal DNS server

I encountered an issue where I was unable to ping an FQDN but able to ping the IP address after setting up a Fortigate firewall. The remote office does not have a DHCP server or DNS server. Therefore I set up the Fortigate 60D as the DHCP server and created an IPSec tunnel to the HQ office. I then ran nslookup on the connected device and noticed it gave me the ISP DNS instead of the internal DNS. As a resolution, go to Network > Interfaces > internal. Edit the internal interface and set the DNS server to Specify. Enter the internal DNS server IP.

Turn off Fortigate web access from public IP

Access to Fortigate devices from an external public IP is important, especially for remote sites. However, this might open up a security loophole that lets an attacker reach the company environment via the public IP. Log in to the Fortigate and navigate to Network > Interfaces > the wan interface > edit. Under Administrative Access, uncheck HTTPS / HTTP. Also make sure SSH and SNMP are not checked.
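
To verify the change offline, the following Python script (an added example, not part of the original post) reads a FortiOS configuration backup and reports WAN interfaces whose `set allowaccess` line still lists HTTP, HTTPS, SSH or SNMP. The sample configuration is constructed, and the interface names `wan`, `wan1` and `wan2` are assumptions to adjust for the device.

```python
# Constructed sample shaped like a FortiOS config backup (not taken from the post).
SAMPLE_CONFIG = """\
config system interface
    edit "wan1"
        set allowaccess ping https ssh snmp
        config ipv6
            set ip6-allowaccess ping
        end
    next
    edit "wan2"
        set allowaccess ping
    next
    edit "internal"
        set allowaccess ping https ssh
    next
end
"""

# Services the post says to leave unchecked on the wan interface.
RISKY = {"http", "https", "ssh", "snmp"}

def interface_access(config_text):
    """Return {interface: set of allowaccess services} from 'config system interface'."""
    access, name, depth = {}, None, 0
    for raw in config_text.splitlines():
        line = raw.strip()
        if depth == 0:                      # outside the section of interest
            depth = 1 if line == "config system interface" else 0
        elif line.startswith("config "):    # nested block, e.g. "config ipv6"
            depth += 1
        elif line == "end":
            depth -= 1
        elif depth == 1:
            if line.startswith("edit "):
                name = line[5:].strip('"')
                access[name] = set()
            elif line.startswith("set allowaccess") and name:
                access[name] = set(line.split()[2:])
    return access

def exposed_admin_services(config_text, wan_names=("wan", "wan1", "wan2")):
    """Map each WAN interface (names are an assumption) to risky services still enabled."""
    access = interface_access(config_text)
    return {n: sorted(s & RISKY) for n, s in access.items() if n in wan_names and s & RISKY}

if __name__ == "__main__":
    print(exposed_admin_services(SAMPLE_CONFIG))
```

An empty result means no management service from the list is enabled on the named WAN interfaces; the internal interface is deliberately not reported.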