DNS over TLS

Author: nbctcp
2020/01/25 04:08:07 (permalink) 6.2


As far as I know, there are few DNS servers that support TLS, as shown below.
 
=====
DNS over TLS
Cloudflare
cloudflare-dns.com (1.1.1.1:853)
cloudflare-dns.com (1.0.0.1:853)
cloudflare-dns.com ([2606:4700:4700::1111]:853)
cloudflare-dns.com ([2606:4700:4700::1001]:853)
Google
dns.google (8.8.8.8:853)
dns.google (8.8.4.4:853)
dns.google ([2001:4860:4860::8888]:853)
dns.google ([2001:4860:4860::8844]:853)
Quad9
dns.quad9.net (9.9.9.9:853)
dns.quad9.net ([2620:fe::fe]:853)
 
In order to enable DNS over TLS, I think I need to use those DNS servers.
 
QUESTIONS:
1. I want to enable "DNS over TLS" and also use internal DNS to resolve internal server names.
I think I can't use "DNS over TLS" if I point to internal DNS.
Can I use split DNS like this?
config system dns-database
    edit "company1.com"
        set domain "company1.com"
        set authoritative disable
        set forwarder "10.243.13.1"
    next
end
 
2. Can I enable that using this command?
config system dns
    set primary 8.8.8.8
    set dns-over-tls enforce
    set ssl-certificate Fortinet_Factory
end


 
tq
 
UPDATE1:
1. I think this is the answer
https://www.youtube.com/watch?v=3Ze3jMAdRTo&feature=emb_logo
I need to set up a DNS server on the FortiGate interface facing LAN/DMZ.
post edited by nbctcp - 2020/01/25 11:36:11
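
Added example, not part of the original post and not FortiOS code: a Python model of the split-DNS idea in question 1, where names under company1.com go to the internal forwarder and everything else goes to a DNS-over-TLS upstream. The function names are hypothetical, and it is an assumption that the internal forwarder speaks plain DNS on port 53; the addresses and the TLS name dns.google come from the post.

```python
import struct

# Addresses come from the post. Assumption: the internal forwarder answers
# plain DNS on port 53; this models the routing idea, not FortiOS itself.
INTERNAL_ZONES = {"company1.com": ("10.243.13.1", 53)}
DOT_UPSTREAM = ("8.8.8.8", 853, "dns.google")  # ip, port, TLS name to verify


def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.rstrip(".").lower()


def pick_upstream(qname):
    """Return (transport, ip, port, tls_name) for a query name.

    Zones are matched on label boundaries, most specific suffix first, so
    'notcompany1.com' is NOT treated as part of 'company1.com'.
    """
    labels = normalize(qname).split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in INTERNAL_ZONES:
            ip, port = INTERNAL_ZONES[zone]
            return ("plain", ip, port, None)
    ip, port, tls_name = DOT_UPSTREAM
    return ("dot", ip, port, tls_name)


def build_query(qname, qtype=1, txid=0x1234):
    """Build a minimal DNS query: RD flag set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    encoded = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in normalize(qname).split(".")
    )
    return header + encoded + b"\x00" + struct.pack("!HH", qtype, 1)


def frame_for_dot(message):
    """DoT uses DNS-over-TCP framing: a 2-byte big-endian length prefix."""
    return struct.pack("!H", len(message)) + message


def plan(qname):
    """Describe where a query would be sent and the exact bytes on the wire."""
    transport, ip, port, tls_name = pick_upstream(qname)
    msg = build_query(qname)
    wire = frame_for_dot(msg) if transport == "dot" else msg
    return {"transport": transport, "server": (ip, port),
            "tls_name": tls_name, "wire": wire}
```

On the DoT path, the TLS client should validate the server certificate against tls_name; connecting to 8.8.8.8:853 without that check encrypts the query but does not authenticate the resolver.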