Administration Guide

DNS Settings

Several FortiProxy functions use DNS, including alert email. You can specify the IP addresses of the DNS servers that your unit connects to. DNS server IP addresses are usually supplied by your ISP. To configure DNS settings, go to Network > DNS Settings.

Configure the following settings and select Apply:

DNS Servers

Select Use FortiGuard Servers or Specify. If you select Specify, enter the IP addresses for the primary and secondary DNS servers.

See also Use DNS over TLS for default FortiGuard DNS servers.

Primary DNS Server

Enter the IPv4 or IPv6 address for the primary DNS server.

Secondary DNS Server

Enter the IPv4 or IPv6 address for the secondary DNS server.

Local Domain Name

Enter the domain name to append to addresses with no domain portion when performing DNS lookups.

DNS (UDP/53)

Enable or disable the use of clear-text DNS over port 53.

TLS (TCP/853)

Enable or disable the use of DNS over TLS (DoT).

HTTPS (TCP/443)

Enable or disable the use of DNS over HTTPS (DoH).

SSL certificate

Select which SSL certificate to use, or click Create to import a certificate.

Server hostname

Enter the host name of the DNS server.

To enable DoT and DoH DNS in the CLI:

config system dns
    set primary <IP_address>
    set secondary <IP_address>
    set protocol {cleartext | dot | doh}
end
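To check a saved configuration for the DNS transport chosen above, the following added example (not Fortinet code) parses the `config system dns` block and reports whether clear-text DNS is still enabled. It assumes the backup text uses the CLI syntax shown above and that more than one protocol value may appear on the `set protocol` line, matching the three separate toggles in the GUI; the function names and the sample text are constructed for illustration.

```python
# Constructed sample of a configuration backup excerpt (not from a real unit).
SAMPLE_BACKUP = """\
config system global
    set hostname "proxy-lab"
end
config system dns
    set primary 192.0.2.53
    set secondary 2001:db8::53
    set protocol cleartext dot
end
"""

def parse_dns_block(config_text):
    """Return {key: [values]} for 'set' lines in 'config system dns', or None."""
    settings, inside = None, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "config system dns":
            settings, inside = {}, True
        elif inside and line == "end":
            break
        elif inside and line.startswith("set "):
            parts = line.split()
            if len(parts) >= 3:
                settings[parts[1]] = [p.strip('"') for p in parts[2:]]
    return settings

def audit_dns(config_text):
    """Return findings about how DNS queries from the unit are protected."""
    dns = parse_dns_block(config_text)
    if dns is None:
        return ["no 'config system dns' block found"]
    findings = []
    protocols = dns.get("protocol")
    if protocols is None:
        # Assumption: the effective value is not inferred here; check the unit.
        findings.append("protocol not set explicitly; confirm the effective value")
    else:
        if "cleartext" in protocols:
            findings.append("cleartext DNS (UDP/53) is enabled")
        if not {"dot", "doh"} & set(protocols):
            findings.append("neither DoT nor DoH is enabled")
    for key in ("primary", "secondary"):
        if key not in dns:
            findings.append(f"{key} DNS server is not set")
    return findings

if __name__ == "__main__":
    for finding in audit_dns(SAMPLE_BACKUP):
        print("FINDING:", finding)
```

An empty result means the block sets both servers and lists only encrypted transports.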
