Technical Note: How to use FortiGuard DDNS when FortiGate WAN interface has a private IP address
Description
This article describes how to use FortiGuard DDNS to resolve to the public IP of the FortiGate when the 'wan' interface is configured with a private IP. The goal is to get management access to a FortiGate using a domain name instead of IP address.
Scope
FortiGate.
Solution
- Configure a private IP address on the 'wan' interface. Note that the FortiGate must be behind a NAT device using a public IP address.
- Go to System -> DNS and configure the following:
- Make sure 'Use FortiGuard Servers' is selected.
- Select an interface (wan1 in this example).
- Select 'Use Public IP Address'.
- Select the 'Unique Location', for example, 'fgtest'.
- Apply.
To configure in the CLI:
config system ddns
edit 1
set ddns-server FortiGuardDDNS
set ddns-domain fgtest.fortiddns.com
set use-public-ip enable
set monitor-interface wan1
next
end
After it has been configured, 'fgtest.fortiddns.com' should resolve to the public IP address of the FortiGate.
Related article:
Troubleshooting Tip: DDNS Private IP Issue