Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Vichu_94
Staff
Staff

Created on ‎08-26-2022 12:30 AM Edited on ‎10-24-2024 08:51 PM By Community Manager

Article Id 221980

Technical Tip: Adding multiple DDNS entries

Description The article describes how to configure multiple DNS entries.
Scope FortiGate.
Solution

The option to add multiple DDNS entries is configurable only on the CLI of the firewall. 

If in the GUI, the option is not showing to configure DDNS use FortiGuard DNS Servers:


ddns.jpg
In FortiOS v7.4, this can be only configured via CLI. For configuring the Multiple DDNS entries, follow the below command: 

config system ddns
    edit 1
        set ddns-server FortiGuardDDNS
        set ddns-domain "test1.fortiguardddns.com"
        set use-public-ip enable
        set monitor-interface "port1"
    next
        edit 2
            set ddns-server FortiGuardDDNS
            set ddns-domain "test1.fortiguardddns.com"
            set use-public-ip enable
            set monitor-interface "port1"
        next
    end

 

Each unit has a limit to the number of DDNS entries that could be configured on the firewall.

 

To verify that, follow the below link:
Maximum Values Table

In the table, check the entry system.ddns:ddns-server-ip to verify the number of entries that could be added to the firewall.

 

From v7.4.0, DDNS can be configured in GUI as well.  A few things need to be kept in mind: the number of DDNS entries that can be configured is restricted by table size. For entry-level FortiGate models limit is 16, the Mid-range is 32, and the high-range is 64, respectively.

 

There is no license requirement for DDNS service, but configuring DDNS in the GUI is not supported if:

  • The FortiGate model is a 1000-series or higher.

  • The FortiGate is a VM.

  • The DNS server is not using FortiGuard as the DNS.

GUI:

 

DDNS.png

 

Important Note

After upgrading to v7.4.0 or later, any already configured DDNS entries exceeding the limit for the FortiGate model will be deleted.

For example, if a user has 20 DDNS entries before upgrading to v7.4.0 and uses an entry-level FortiGate, the last four DDNS entries will be deleted after upgrading.
If multiple interface in the set monitor-interface is configured it won't update the IP address in the DDNS database TAC case must be created to delete the old DDNS entry. If redundancy needs to be configured multiple DDNS can be configured.  
2787
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.