Organizations that use a Fortinet firewall can create a NAT rule to intercept all DNS lookups on port 53 and port 853 that forward the lookups to localhost (127.0.0.1), centralizing DNS resolution.  

1. From the Fortinet Firewall dashboard, select Policy and Objects
2. Select IPv4 Policy or Firewall Policy
3. Select Create New to add a new policy or edit an existing policy
4. Set these fields:
   • Source Address: any or specify the source addresses to intercept DNS traffic
   • Destination Address: the Firewall interface's external IP address
   • Services: DNS or specify the DNS services (UDP ports 53 and port 853)
   • Action: NAT or DNAT (Destination NAT)
   • Translated Destination Address: the IP address of the localhost (127.0.0.1) 
5. Save the NAT policy
6. Apply the NAT policy to the appropriate firewall policy or interface
7. Test the configuration:
   • Send DNS queries from client devices within the specified source address range
   • Verify the DNS traffic on ports 53 and 853 forwards to localhost (127.0.0.1) as intended
   • Monitor NAT logs or use diagnostic tools to confirm successful NAT translation of DNS traffic to localhost