FortiGate
asoni
Staff
Article Id 334116
Description

This article describes how FortiGate updates the NTP server status when redundant NTP servers are configured and more than one entry resolves to the same IP address.

Scope

FortiGate.
Solution

It is possible to configure multiple NTP servers on FortiGate via the CLI, with each server specified as either an FQDN or an IP address.

The following configuration is used as the reference for this article:

config system ntp
    set ntpsync enable
    set type custom
    set syncinterval 1
        config ntpserver
            edit 1
                set server "time.google.com"
            next
            edit 3
                set server "216.239.35.8"
            next
        end
end

Note: In this configuration example, the FortiGate DNS database is used to make sure that time.google.com resolves only to 216.239.35.8, so that both NTP server entries point to the same IP address.

It is possible to check the NTP server status with the following command:

FortiGate # diag sys ntp status
synchronized: no, ntpsync: enabled, server-mode: enabled

ipv4 server(216.239.35.8) unresolved -- unreachable(0xff) S:0 T:0
         no data
ipv4 server(time.google.com) 216.239.35.8 -- reachable(0xff) S:0 T:2
         no data

Even though 216.239.35.8 is reachable both by IP address and by FQDN, the status shows the IP address entry as unreachable. The reason is that both server entries resolve to the same IP address, and when the FortiGate NTP client receives a response from that server, only one of the two entries is updated with it.

If at some point FortiGate can no longer resolve time.google.com (or whichever FQDN is used in the NTP settings), the IP address entry becomes reachable at the next sync cycle. The status does not move back to the FQDN entry afterward, because both entries still resolve to the same IP address. In other words, the "unreachable" shown for the duplicate entry is a display artifact, not a loss of time synchronization; if the status of each server is to be monitored individually, the entries should resolve to different IP addresses.
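The duplicate-address artifact above is easy to misread in monitoring. The following Python helper is added here as an example; it is not part of the article or of FortiOS. It parses `diagnose sys ntp status` output and marks an "unreachable" entry as "shadowed" when another entry that resolves to the same IP address is reachable, so that only a genuinely unreachable server raises an alert. The first sample is the output shown above; the second sample (192.0.2.x addresses and ntp.example.net) is constructed to show a real unreachable server.

```python
"""Classify FortiGate 'diagnose sys ntp status' entries so a monitor does not
alert on the duplicate-address artifact (two entries, one IP, one 'unreachable')."""
import ipaddress
import re
from collections import defaultdict

# Output copied from the article (two entries resolving to the same IP).
PAGE_OUTPUT = """\
synchronized: no, ntpsync: enabled, server-mode: enabled

ipv4 server(216.239.35.8) unresolved -- unreachable(0xff) S:0 T:0
         no data
ipv4 server(time.google.com) 216.239.35.8 -- reachable(0xff) S:0 T:2
         no data
"""

# Constructed sample (not from the article): a genuinely unreachable server
# beside a reachable one with a different address. TEST-NET addresses used.
CONSTRUCTED_OUTPUT = """\
synchronized: yes, ntpsync: enabled, server-mode: enabled

ipv4 server(192.0.2.10) unresolved -- unreachable(0x0) S:0 T:0
         no data
ipv4 server(ntp.example.net) 192.0.2.20 -- reachable(0xff) S:2 T:5
         no data
"""

# One 'ipvX server(...)' line of the status output.
ENTRY_RE = re.compile(
    r"^ipv(?P<ver>[46]) server\((?P<server>[^)]+)\)\s+(?P<resolved>\S+)\s+--\s+"
    r"(?P<state>reachable|unreachable)\((?P<mask>0x[0-9a-fA-F]+)\)\s+"
    r"S:(?P<s>\d+)\s+T:(?P<t>\d+)"
)
SYNC_RE = re.compile(r"^synchronized:\s*(?P<sync>yes|no)")


def _is_ip(text):
    """True if text is an IPv4/IPv6 literal rather than an FQDN."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


def parse_status(output):
    """Return (synchronized, entries); entries carry the effective IP address."""
    synchronized = False
    entries = []
    for raw in output.splitlines():
        line = raw.strip()
        m = SYNC_RE.match(line)
        if m:
            synchronized = m.group("sync") == "yes"
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue  # blank lines and 'no data' lines carry nothing to classify
        server, resolved = m.group("server"), m.group("resolved")
        if resolved == "unresolved":
            # An IP-literal entry has nothing to resolve: its address is the entry itself.
            address = server if _is_ip(server) else None
        else:
            address = resolved
        entries.append({
            "server": server,
            "address": address,
            "reachable": m.group("state") == "reachable",
            "stratum": int(m.group("s")),
        })
    return synchronized, entries


def classify(entries):
    """Map each configured server to 'reachable', 'shadowed' or 'unreachable'.

    'shadowed' means the entry shows unreachable, but another entry with the
    same IP address is reachable: the artifact described in the article,
    not an outage. Only 'unreachable' should page anyone."""
    by_addr = defaultdict(list)
    for e in entries:
        if e["address"]:
            by_addr[e["address"]].append(e)
    result = {}
    for e in entries:
        if e["reachable"]:
            result[e["server"]] = "reachable"
        elif e["address"] and any(o["reachable"] for o in by_addr[e["address"]]):
            result[e["server"]] = "shadowed"
        else:
            result[e["server"]] = "unreachable"
    return result


if __name__ == "__main__":
    for label, text in (("article", PAGE_OUTPUT), ("constructed", CONSTRUCTED_OUTPUT)):
        synced, parsed = parse_status(text)
        print(label, "synchronized:", synced, classify(parsed))
```

Run it against the saved output of `diagnose sys ntp status`; an entry reported as "shadowed" is the duplicate-address case and needs no action, while "unreachable" with no reachable sibling on the same address is a real failure.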