Fortinet black logo

Administration Guide

Home FortiPAM 1.0.0 Administration Guide
1.0.0
1.3.0
1.2.0
1.1.2
1.1.1
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0

DNS settings

DNS settings

Domain name system (DNS) is used by devices to locate websites by mapping a domain name to a website’s IP address.

You can specify the IP addresses of the DNS servers to which your FortiPAM unit connects.

To configure DNS settings, go to Network > DNS Settings.

To configure DNS settings:
  1. Go to Network > DNS Settings.

  2. In the DNS Settings window, enter the following information:

    DNS servers

    Select Use FortiGuard Severs or Specify. If you select Specify, enter the IP addresses for the primary and secondary DNS servers.

    Primary DNS server

    Enter the IPv4 or IPv6 address for the primary DNS server.

    Note: For an IPv4 address, the option is only available to edit when DNS servers is Specify.

    Secondary DNS server

    Enter the IPv4 or IPv6 address for the secondary DNS server.

    Note: For an IPv4 address, the option is only available to edit when DNS servers is Specify.

    Local domain name

    The domain name to append to addresses with no domain portion when performing DNS lookups.

    Select + to add additional local domain names.

    You can add up to 8 local domain names.

    DNS Protocols

    DNS (UDP/53)

    Enable or disable the use of clear-text DNS over port 53.

    Note: The option is disabled by default and only available to edit when DNS servers is Specify.

    TLS (TCP/853)

    Enable or disable the use of DNS over TLS (DoT).

    Note: The option is enabled by default and only available to edit when DNS servers is Specify.

    HTTPS (TCP/443)

    Enable or disable the use of DNS over HTTPS (DoH).

    Note: The option is disabled by default and only available to edit when DNS servers is Specify.

    SSL certificate

    From the dropdown, select an SSL certificate or click Create to import a certificate (default = Fortinet_Factory).

    SSL certificate is used by the DNS proxy as a DNS server so that the DNS proxy can provide service over TLS as well as normal UDP/TCP.

    Use the search bar to look for an SSL certificate.

    Server hostname

    The host name of the DNS server (default = globalsdns.fortinet.net).

    You can add up to 4 server hostnames.

  3. Click Apply.
To use API preview:
  1. Click API Preview.

    The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.

  2. Enable Show modified changes only (enabled by default) to show the modified changes instead of the full configuration in the preview.
  3. Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.
  4. Click Close to leave the preview.
Previous
Next

DNS settings

Domain name system (DNS) is used by devices to locate websites by mapping a domain name to a website’s IP address.

You can specify the IP addresses of the DNS servers to which your FortiPAM unit connects.

To configure DNS settings, go to Network > DNS Settings.

To configure DNS settings:
  1. Go to Network > DNS Settings.

  2. In the DNS Settings window, enter the following information:

    DNS servers

    Select Use FortiGuard Severs or Specify. If you select Specify, enter the IP addresses for the primary and secondary DNS servers.

    Primary DNS server

    Enter the IPv4 or IPv6 address for the primary DNS server.

    Note: For an IPv4 address, the option is only available to edit when DNS servers is Specify.

    Secondary DNS server

    Enter the IPv4 or IPv6 address for the secondary DNS server.

    Note: For an IPv4 address, the option is only available to edit when DNS servers is Specify.

    Local domain name

    The domain name to append to addresses with no domain portion when performing DNS lookups.

    Select + to add additional local domain names.

    You can add up to 8 local domain names.

    DNS Protocols

    DNS (UDP/53)

    Enable or disable the use of clear-text DNS over port 53.

    Note: The option is disabled by default and only available to edit when DNS servers is Specify.

    TLS (TCP/853)

    Enable or disable the use of DNS over TLS (DoT).

    Note: The option is enabled by default and only available to edit when DNS servers is Specify.

    HTTPS (TCP/443)

    Enable or disable the use of DNS over HTTPS (DoH).

    Note: The option is disabled by default and only available to edit when DNS servers is Specify.

    SSL certificate

    From the dropdown, select an SSL certificate or click Create to import a certificate (default = Fortinet_Factory).

    SSL certificate is used by the DNS proxy as a DNS server so that the DNS proxy can provide service over TLS as well as normal UDP/TCP.

    Use the search bar to look for an SSL certificate.

    Server hostname

    The host name of the DNS server (default = globalsdns.fortinet.net).

    You can add up to 4 server hostnames.

  3. Click Apply.
To use API preview:
  1. Click API Preview.

    The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.

  2. Enable Show modified changes only (enabled by default) to show the modified changes instead of the full configuration in the preview.
  3. Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.
  4. Click Close to leave the preview.
Previous
Next