How to Configure DynDNS DDNS on Fortigate FortiOS

With the recent versions of FortiOS, you won’t see DynDNS settings. Fortinet became smart by removing this option from their web interface (GUI) and pushing the users to use their dynamic DNS service with the Fortiguard subscription. If you are a person using third party DDNS providers like DynDNS, then you need to use CLI to configure. This simple guide shows how to configure DynDNS DDNS on the latest or any Fortigate FortiOS in CLI ( Command Line Interface) mode.

Fortigate is famous for its multi-network security functional firewall devices, powerful UTM and user-friendly web interface. They keep upgrading their OS to match up with the competitors and to add new features, fix bugs and enhance the user experience.

This is another change you would be noticing after upgraded FortiOS 5.x series, like how we had to change switch mode to interface mode by CLI. As shown below, only the FortiGuard DDNS listed for a WAN interface in FortiOS 6.x series. You will find a similar setup on the other latest versions.

Only Fortiddns

The only way available to configure DynDNS or other providers in Fortigate 5 or laters versions is by using the command line.

Methods to Configure DynDNS DDNS on Fortigate FortiOS

1) Connect to the device by telnet or SSH or GUI terminal and type the following command one by one.

config system ddns  
edit 1      
set monitor-interface "wan1"        
set ddns-server        
set ddns-domain "hostname"        
set ddns-username "username"        
set ddns-password password

* edit 1 – 1 is the index number of DDNS settings. Start with 1 if it’s the first DDNS settings in the Fortigate box. This index number should be used later to modify anything related to the settings of WAN port or DDNS settings.

* wan1– is the port you need to configure DDNS and obviously that should be connected to the internet.

* ddns-server – is the server of DynDNS service provider. For other providers, see more detail below.

* hostname – is the one you have registered at dynamic DNS provider.

* username – user name of the corresponding hostname at the provider.

* password – for the username and hostname from the provider.

The following DDNS servers can be used to configure Dynamic DNS in FortiOS 5 and later. — supports and — supports — supports — supports — supports
FortiGuardDDNS — supports FortiGuard DDNS service.
genericDDNS — supports DDNS server (RFC 2136) defined in ddns-server-ip. — supports — supports — supports — supports

Once you have configured DynDNS service, as shown above, the WAN port of the device will be monitored and changed accordingly with the name and IP.

Read Also: How to enable ping response in Windows 10

2) Typing,

show system ddns

It will show the ddns settings of the FortiGate device in CLI which usually can’t be seen in GUI mode.

3) To edit the same ddns entry, you can use

config system ddns  
edit 1

Make sure to enter correct index number (eg 1) to modify.

It is recommended to take a backup of the device configuration, so you can use it in future or while replacing the existing device. By using the backup you do not need to configure DynDNS again via CLI, it is included in the backup.

Delete Existing DDNS on Fortigate

To delete existing DDNS settings for a specific network port, we need to know the ID number. In this example, it is ID 1.

Execute the below command with proper ID to delete DDNS settings via CLI.

config system ddns  
delete 1

Dinesh is the founder of Sysprobs and written more than 400 articles. Enthusiast in Microsoft and cloud technologies with more than 15 years of IT experience.

2 thoughts on “How to Configure DynDNS DDNS on Fortigate FortiOS”

  1. i am trying to setup remove viewing for cctv DVR , i have forwarded the ports, but i needed to use as the ddns server so, i know this is a silly question but do i need to also put the inverted commas(“) at the CLI as mentioned above?

    I started out with putting the inverted commas, then tried to edit it to remove it, but the ‘show system ddns’ says that the inverted commas are still there

    also is there a way to check that username and pw as provided in CLI- is working correctly

    entering the hostname of the dyndns in a website now takes me to the login page of the router.

Comments are closed.

Pin It on Pinterest