Solved: How do I configure FortiGate DNS over TLS using Cloudflare DNS?

This article describes how to configure FortiGate DNS over TLS using Cloudflare DNS.

• Primary DNS 1.1.1.2
• Secondary DNS 1.0.0.1

Solution

From GUI

When configuring from GUI, do not forget to change the default server hostname ‘globalsdns.fortinet.net’.

When using Cloudflare DNS, use ‘one.one.one.one’ or ‘1dot1dot1dot1.cloudflare-dns.com’ as the server hostname.

From CLI

# config system dns
set primary 1.1.1.2
set secondary 1.0.0.1
set protocol dot
set server-hostname "1dot1dot1dot1.cloudflare-dns.com"
end

Note: Using an incorrect server hostname will result in DNS failure.