Fortinet black logo

CLI Reference

system vdom-dns

Configure DNS servers for a non-management VDOM.

  config system vdom-dns
      Description: Configure DNS servers for a non-management VDOM.
      set vdom-dns [enable|disable]
      set primary {ipv4-address}
      set secondary {ipv4-address}
      set dns-over-tls [disable|enable|...]
      set ssl-certificate {string}
      set server-hostname <hostname1>, <hostname2>, ...
      set ip6-primary {ipv6-address}
      set ip6-secondary {ipv6-address}
      set source-ip {ipv4-address}
  end

config system vdom-dns

Parameter Name Description Type Size
vdom-dns Enable/disable configuring DNS servers for the current VDOM.
enable: Enable configuring DNS servers for the current VDOM.
disable: Disable configuring DNS servers for the current VDOM.
option -
primary Primary DNS server IP address for the VDOM. ipv4-address Not Specified
secondary Secondary DNS server IP address for the VDOM. ipv4-address Not Specified
dns-over-tls Enable/disable/enforce DNS over TLS.
disable: Disable DNS over TLS.
enable: Use TLS for DNS queries if TLS is available.
enforce: Use only TLS for DNS queries. Does not fall back to unencrypted DNS queries if TLS is unavailable.
option -
ssl-certificate Name of local certificate for SSL connections. string Maximum length: 35
server-hostname <hostname> DNS server host name list.
DNS server host name list separated by space (maximum 4 domains).
string Maximum length: 127
ip6-primary Primary IPv6 DNS server IP address for the VDOM. ipv6-address Not Specified
ip6-secondary Secondary IPv6 DNS server IP address for the VDOM. ipv6-address Not Specified
source-ip Source IP for communications with the DNS server. ipv4-address Not Specified

Configure DNS servers for a non-management VDOM.

  config system vdom-dns
      Description: Configure DNS servers for a non-management VDOM.
      set vdom-dns [enable|disable]
      set primary {ipv4-address}
      set secondary {ipv4-address}
      set dns-over-tls [disable|enable|...]
      set ssl-certificate {string}
      set server-hostname <hostname1>, <hostname2>, ...
      set ip6-primary {ipv6-address}
      set ip6-secondary {ipv6-address}
      set source-ip {ipv4-address}
  end

config system vdom-dns

Parameter Name Description Type Size
vdom-dns Enable/disable configuring DNS servers for the current VDOM.
enable: Enable configuring DNS servers for the current VDOM.
disable: Disable configuring DNS servers for the current VDOM.
option -
primary Primary DNS server IP address for the VDOM. ipv4-address Not Specified
secondary Secondary DNS server IP address for the VDOM. ipv4-address Not Specified
dns-over-tls Enable/disable/enforce DNS over TLS.
disable: Disable DNS over TLS.
enable: Use TLS for DNS queries if TLS is available.
enforce: Use only TLS for DNS queries. Does not fall back to unencrypted DNS queries if TLS is unavailable.
option -
ssl-certificate Name of local certificate for SSL connections. string Maximum length: 35
server-hostname <hostname> DNS server host name list.
DNS server host name list separated by space (maximum 4 domains).
string Maximum length: 127
ip6-primary Primary IPv6 DNS server IP address for the VDOM. ipv6-address Not Specified
ip6-secondary Secondary IPv6 DNS server IP address for the VDOM. ipv6-address Not Specified
source-ip Source IP for communications with the DNS server. ipv4-address Not Specified