Fortinet black logo

Administration Guide

Home FortiProxy 7.0.0 Administration Guide
7.0.0
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

DNS Settings

DNS Settings

Several FortiProxy functions use DNS, including alert email. You can specify the IP addresses of the DNS servers to which your unit connects. DNS server IP addresses are usually supplied by your ISP. To configure DNS settings, go to Network > DNS Settings.

Configure the following settings and select Apply:

DNS Servers

Select Use FortiGuard Severs or Specify. If you select Specify, enter the IP addresses for the primary and secondary DNS servers.

See also Use DNS over TLS for default FortiGuard DNS servers.
Primary DNS Server Enter the IPv4 or IPv6 address for the primary DNS server.
Secondary DNS Server Enter the IPv4 or IPv6 address for the secondary DNS server.
Local Domain Name Enter the domain name to append to addresses with no domain portion when performing DNS lookups.
DNS (UDP/53) Enable or disable the use of clear-text DNS over port 53.
TLS (TCP/853) Enable or disable the use of DNS over TLS (DoT).
HTTPS (TCP/443) Enable or disable the use of DNS over HTTPS (DoH).
SSL certificate Select which SSL certificate or click Create to import a certificate.
Server hostname Enter the host name of the DNS server.
API Preview The API Preview allows you to view all REST API requests being used by the page. You can make changes on the page that are reflected in the API request preview. This feature is not available if the user is logged in as an administrator that has read-only GUI permissions.
Edit in CLI Click to open a CLI console window to view and edit the setting in the CLI. If there are multiple CLI settings on the page, the CLI console shows the first setting.
Local Out Setting Click to directly configure the local-out settings.
To use the API Preview:
  1. Click API Preview. The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.
  2. Enable Show modified changes only to show the modified changes instead of the full configuration in the preview.
  3. Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.
  4. Click Close to leave the preview.
To enable DoT and DoH DNS in the CLI:

config system dns

set primary <IP_address>

set secondary <IP_address>

set protocol {cleartext | dot | doh}

end

Previous
Next

DNS Settings

Several FortiProxy functions use DNS, including alert email. You can specify the IP addresses of the DNS servers to which your unit connects. DNS server IP addresses are usually supplied by your ISP. To configure DNS settings, go to Network > DNS Settings.

Configure the following settings and select Apply:

DNS Servers

Select Use FortiGuard Severs or Specify. If you select Specify, enter the IP addresses for the primary and secondary DNS servers.

See also Use DNS over TLS for default FortiGuard DNS servers.
Primary DNS Server Enter the IPv4 or IPv6 address for the primary DNS server.
Secondary DNS Server Enter the IPv4 or IPv6 address for the secondary DNS server.
Local Domain Name Enter the domain name to append to addresses with no domain portion when performing DNS lookups.
DNS (UDP/53) Enable or disable the use of clear-text DNS over port 53.
TLS (TCP/853) Enable or disable the use of DNS over TLS (DoT).
HTTPS (TCP/443) Enable or disable the use of DNS over HTTPS (DoH).
SSL certificate Select which SSL certificate or click Create to import a certificate.
Server hostname Enter the host name of the DNS server.
API Preview The API Preview allows you to view all REST API requests being used by the page. You can make changes on the page that are reflected in the API request preview. This feature is not available if the user is logged in as an administrator that has read-only GUI permissions.
Edit in CLI Click to open a CLI console window to view and edit the setting in the CLI. If there are multiple CLI settings on the page, the CLI console shows the first setting.
Local Out Setting Click to directly configure the local-out settings.
To use the API Preview:
  1. Click API Preview. The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.
  2. Enable Show modified changes only to show the modified changes instead of the full configuration in the preview.
  3. Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.
  4. Click Close to leave the preview.
To enable DoT and DoH DNS in the CLI:

config system dns

set primary <IP_address>

set secondary <IP_address>

set protocol {cleartext | dot | doh}

end

Previous
Next