How to Configure DynDNS on Fortigate FortiOS 5.0 and 5.2 in CLI Mode

That’s right, you would not be seeing Dynamic DNS settings in Fortigate FortiOS 5 or 5.2 (5.2.1) for other DDNS providers than Fortinet. Fortinet became smart by removing this option in there web interface and pushing the users to use their dynamic DNS service with the Fortinet subscription. If you are a person using third party DDNS providers like DynDNS, then you will not find the for other providers in web based GUI. Do not worry, there is a way and this simple guide shows how to configure DynDNS on Fortigate FortiOS 5, 5.2 (or 5.2.1) in CLI ( Command Line Interface) mode.

Fortigate is famous of their multi network security functions,firewall features, powerful UTM and user friendly web interface. They keep upgrading their OS to match up other competitors’ features, fix bugs and to give more features to their users.

This is another change you would be noticing after upgraded FortiOS 5.x series, like how we had to change switch mode to interface mode by CLI. Below screenshot was taken in FortiOS version 5.0 (which will be similar in 5.2 also) and other dynamic DNS providers were not listed as shown.

missing dyndns in fortigate

The only way available to configure DynDNS or other providers in Fortigate 5 and 5.2 OS is by command line.

1) Connect to the device by telnet or SSH or GUI terminal and type the following command.

config system ddns  
edit 1      
set monitor-interface "wan1"        
set ddns-server dyndns.org        
set ddns-domain "hostname"        
set ddns-username "username"        
set ddns-password password

* edit 1 – 1 is the index number of DDNS settings. Start with 1 if its the first DDNS settings on the Fortigate box. This index number should be used later to modify anything related to this settings if required.

* wan1– is the port you need to configure DDNS and obviously connected to internet.

* ddns-server – dyndns.org is the server of DynDNS service provider. For other providers, see more detail below.

* hostname – is the one you have registered at dynamic DNS provider.

* username – user name of corresponding hostname at the provider.

* password – for the username and hostname from the provider.

The following DDNS servers can be used to configure Dynamic DNS in FortiOS 5 and later.

dhs.org — supports members.dhs.org and dnsalias.com.
dipdns.net — supports dipdnsserver.dipdns.com.
dyndns.org — supports members.dyndns.org.
dyns.net — supports www.dyns.net.
easydns.com — supports members.easydns.com.
FortiGuardDDNS — supports FortiGuard DDNS service.
genericDDNS — supports DDNS server (RFC 2136) defined in ddns-server-ip.
now.net.cn — supports ip.todayisp.com.
ods.org — supports ods.org.
tzo.com — supports rh.tzo.com.
vavic.com — supports ph001.oray.net.

Once you have configured DynDNS service as shown above, the WAN port of the device will be monitored and changed accordingly with the name and IP.

Read Also: How to enable ping response in Windows 8.1

2) Typing,

show system ddns

will shows the ddns settings of the Fortigate device in CLI which can’t be seen in GUI mode.

3) To edit the same ddns entry, you can use

config system ddns  
edit 1

Make sure to enter correct index number ( eg 1) to modify.

It is recommended to take backup of the device configuration, so you can use it in future or while replacing the existing device. By using backup you do not need to configure dyndns again via CLI.

2 thoughts on “How to Configure DynDNS on Fortigate FortiOS 5.0 and 5.2 in CLI Mode”

  1. i am trying to setup remove viewing for cctv DVR , i have forwarded the ports, but i needed to use dyndns.org as the ddns server so, i know this is a silly question but do i need to also put the inverted commas(“) at the CLI as mentioned above?

    I started out with putting the inverted commas, then tried to edit it to remove it, but the ‘show system ddns’ says that the inverted commas are still there

    also is there a way to check that username and pw as provided in CLI- is working correctly

    entering the hostname of the dyndns in a website now takes me to the login page of the router.

Comments are closed.