Fortinet white logo
Fortinet white logo

Administration Guide

DDNS support

DDNS support

When Dynamic DNS (DDNS) is enabled on FortiGates, VPN Manager supports DDNS. First VPN Manager searches for the interface IP for IPsec Phase2. If no IP is found, then VPN Manager searches for DDNS.

You can use FortiManager and the CLI-only objects menu to enable DDNS on each FortiGate device. The CLI-only objects menu is available in the Device Manager pane. See CLI-Only Objects menu.

With the CLI-only objects menu, you can use the config system ddns command to enable DDNS on a per-device basis. The selected monitoring interface must be the interface that supports your tunnel, for example:

config system ddns

edit 1

set ddns-server FortiGuardDDNS

set ddns-domain "<HOST1>.fortiddns.com"

set monitor-interface "port14"

next

end

You can also use the CLI-only objects menu to configure DDNS on multiple FortiGate interfaces. Once configured, you can use FortiManager to view all the DDNS entries, but you cannot edit the entries.

Following is an example of how to configure DDNS on multiple FortiGates by using the CLI-only objects menu:

config system ddns

edit 1

set ddns-server FortiGuardDDNS

set ddns-domain "<HOST1>.fortiddns.com"

set use-public-ip enable

set monitor-interface "wan"

next

edit 2

set ddns-server FortiGuardDDNS

set ddns-domain "<HOST2>.fortiddns.com"

set use-public-ip disable

set monitor-interface "wwan"

next

end

Multiple DDNS entries are useful when using SDWAN and multiple broadband links.

DDNS support

DDNS support

When Dynamic DNS (DDNS) is enabled on FortiGates, VPN Manager supports DDNS. First VPN Manager searches for the interface IP for IPsec Phase2. If no IP is found, then VPN Manager searches for DDNS.

You can use FortiManager and the CLI-only objects menu to enable DDNS on each FortiGate device. The CLI-only objects menu is available in the Device Manager pane. See CLI-Only Objects menu.

With the CLI-only objects menu, you can use the config system ddns command to enable DDNS on a per-device basis. The selected monitoring interface must be the interface that supports your tunnel, for example:

config system ddns

edit 1

set ddns-server FortiGuardDDNS

set ddns-domain "<HOST1>.fortiddns.com"

set monitor-interface "port14"

next

end

You can also use the CLI-only objects menu to configure DDNS on multiple FortiGate interfaces. Once configured, you can use FortiManager to view all the DDNS entries, but you cannot edit the entries.

Following is an example of how to configure DDNS on multiple FortiGates by using the CLI-only objects menu:

config system ddns

edit 1

set ddns-server FortiGuardDDNS

set ddns-domain "<HOST1>.fortiddns.com"

set use-public-ip enable

set monitor-interface "wan"

next

edit 2

set ddns-server FortiGuardDDNS

set ddns-domain "<HOST2>.fortiddns.com"

set use-public-ip disable

set monitor-interface "wwan"

next

end

Multiple DDNS entries are useful when using SDWAN and multiple broadband links.