Fortinet black logo

CLI Reference

firewall dnstranslation

Configure DNS translation.

  config firewall dnstranslation
      Description: Configure DNS translation.
      edit <id>
          set src {ipv4-address}
          set dst {ipv4-address}
          set netmask {ipv4-netmask}
      next
  end

config firewall dnstranslation

Parameter Name Description Type Size
src IPv4 address or subnet on the internal network to compare with the resolved address in DNS query replies. If the resolved address matches, the resolved address is substituted with dst. ipv4-address Not Specified
dst IPv4 address or subnet on the external network to substitute for the resolved address in DNS query replies. Can be single IP address or subnet on the external network, but number of addresses must equal number of mapped IP addresses in src. ipv4-address Not Specified
netmask If src and dst are subnets rather than single IP addresses, enter the netmask for both src and dst. ipv4-netmask Not Specified

Configure DNS translation.

  config firewall dnstranslation
      Description: Configure DNS translation.
      edit <id>
          set src {ipv4-address}
          set dst {ipv4-address}
          set netmask {ipv4-netmask}
      next
  end

config firewall dnstranslation

Parameter Name Description Type Size
src IPv4 address or subnet on the internal network to compare with the resolved address in DNS query replies. If the resolved address matches, the resolved address is substituted with dst. ipv4-address Not Specified
dst IPv4 address or subnet on the external network to substitute for the resolved address in DNS query replies. Can be single IP address or subnet on the external network, but number of addresses must equal number of mapped IP addresses in src. ipv4-address Not Specified
netmask If src and dst are subnets rather than single IP addresses, enter the netmask for both src and dst. ipv4-netmask Not Specified