Set a DNS server to allow the management gateway, ESXi hosts, and management VMs to resolve fully-qualified domain names (FQDNs) to IP addresses on the management network.

Unless you intend to use only static routing, the management network requires a DNS service that can resolve IP addresses on both sides of the management gateway to VM FQDNs. You must specify the IP address of at least one DNS server when you configure the management gateway. If you specify an optional backup DNS server, be sure that both servers are configured identically.


  1. Log in to the VMC Console at
  2. Click View Details on the SDDC card.
  3. Click Network.
  4. (Optional) Modify default DNS settings for the management VPN.

    The management VPN is created with two DNS servers configured to resolve names to addresses on the public Internet. You can change the DNS server addresses and the name resolution scope.

    1. Under Management Gateway, click DNS.
    2. Modify the DNS server addresses.

      Click Edit and enter the IP addresses for DNS Server 1 and, optionally, DNS Server 2.

    3. Choose a scope for DNS name resolution.

      By default, the gateway DNS is configured to resolve names to addresses on the public Internet (Public IP resolvable from Internet). To limit the scope to addresses on the management VPN. Select Private IP resolvable from VPN and click Save. This configuration change applies to both DNS Server 1 and DNS Server 2.