Configuring Fortinet to use Lumiun DNS via DoH
The configuration using the DoH protocol is the most recommended for using Lumiun DNS on your Fortinet FortiGate firewall. It will make Fortinet forward DNS requests to Lumiun DNS, using this secure and encrypted protocol.
All devices on the local network that use this Fortinet as their DNS server will now observe the rules defined in the Policy assigned to the site used in the configuration.
-
In your Fortinet web management interface, go to the Network → DNS menu.
-
Fill in the Primary DNS server and Secondary DNS server fields with your DNS servers defined in your sites page, dns_server_1 and dns_server_2, respectively.
-
In the DNS Protocols section, select only HTTPS (TCP/443). Leave the DNS (UDP/53) and TLS (TCP/853) options disabled.
-
Fill in the Server hostname field with
https://doh.ldns.io/abcd1234- replacing abcd1234 with the ID of the desired site — see your Sites page for the ID. - Click em Apply.
Important: ensure that your firewall only receives DNS queries from your local network. If necessary, configure filtering rules to allow access to port 53 (tcp and udp) of the firewall only from the local network.
That's it! You can now view reports on your Lumiun DNS dashboard and also define policy rules.