I ran into the following problem when configuring a Fortigate Firewall.
I created a general purpose internet rule on the Fortigate. Which looks like this:
Internal networks – to – Internet // protocols : tcp/80/443
Now a days you want to verify if a DNS zone is secure and verified correctly with DNS sec. This is how you do it on a Netscaler if you ever wondered :-).