Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
carabhavi
Staff
Staff

Created on ‎09-11-2019 05:43 AM

Article Id 198129

Technical Tip: Setting multiple DNS server for IPSec dial-up VPN

Description
This article describes the steps to configure multiple DNS server for IPSec dial-up VPN.

Solution
Up to 3 IPv4 DNS server and 3 IPv6 DNS server for dial-up tunnel can be configured.

In GUI, specify only 1 DNS server IP and via CLI, configure up to 3 server IP’s
In GUI, configure DNS at the time of initial configuration. If post configuration, process via CLI only.

By default, DNS mode will be set to auto.

CLI:
#config vpn ipsec phase1-interface
  edit <tunnel_name>
      set dns-mode manual 
      set ipv4-dns-server1 0.0.0.0
      set ipv4-dns-server2 0.0.0.0
      set ipv4-dns-server3 0.0.0.0
      set ipv6-dns-server1 ::
      set ipv6-dns-server2 ::
      set ipv6-dns-server3 ::
  next
end

19336
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.