Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
nnair
Staff
Staff

Created on ‎08-30-2024 03:34 AM Edited on ‎01-28-2025 10:19 PM By Staff

Article Id 337833

Technical Tip: How to change the DNS server IP address

Description This article describes how to change the DNS server IP address.
Scope All FortiGate.
Solution

By default, the FortiGate will be added with the default FortiGuard server IP address on the DNS settings.

 

FortiGuard DNS servers are used by FortiGate devices to resolve domain names into IP addresses. By default, FortiGate devices use the following FortiGuard DNS servers:

Primary DNS server: 208.91.112.53 - Secondary DNS server: 208.91.112.52.

Primary DNS server: 96.45.45.45 -Secondary DNS server: 96.45.46.46.

 

It is also possible to customize the DNS settings on FortiGate devices to use different DNS servers if needed.

Navigate to Network -> DNS -> DNS servers -> Specify.

Mention the primary DNS and secondary DNS.

Note: Not all public DNS servers support TLS protocol (enabled by default). If necessary, switch to DNS protocol. By default is required to change the DNS server over CLI:

 

image.png

 

From the CLI:

 

config system dns

    set primary 8.8.8.8

    set secondary 4.4.2.2

    set protocol cleartext

end

 

 dns1.png
2683
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.