This article describes how to configure FortiGate DNS over TLS using Cloudflare DNS.
- Primary DNS 1.1.1.2
- Secondary DNS 1.0.0.1
Solution
From GUI
When configuring from GUI, do not forget to change the default server hostname ‘globalsdns.fortinet.net’.
When using Cloudflare DNS, use ‘one.one.one.one’ or ‘1dot1dot1dot1.cloudflare-dns.com’ as the server hostname.
From CLI
# config system dns
set primary 1.1.1.2
set secondary 1.0.0.1
set protocol dot
set server-hostname "1dot1dot1dot1.cloudflare-dns.com"
end
Note: Using an incorrect server hostname will result in DNS failure.