vshtaloja
Staff
Article Id 427886
Description

This article describes a scenario where a FortiGate 50G is unable to resolve a hostname configured using FortiGuard DDNS.

Scope

FortiOS 7.6.

Solution

A DDNS entry is configured using FortiGuardDDNS:

config system ddns
    edit 1
        set ddns-server FortiGuardDDNS
        set ddns-domain "test.fortiddns.com"
        set monitor-interface "wan1"
    next
end

Attempting to ping the FortiGuard DDNS hostname fails:

execute ping test.fortiddns.com
Unable to resolve hostname.

However, connectivity and DNS resolution for other domains work as expected:

execute ping www.google.com
PING www.google.com (10.25.217.112): 56 data bytes
64 bytes from 10.25.217.112: icmp_seq=0 ttl=116 time=4.7 ms
64 bytes from 10.25.217.112: icmp_seq=1 ttl=116 time=4.2 ms
..

The issue can be confirmed by enabling DDNS debugging:

diagnose debug application ddns -1
diagnose debug enable

[212] __ssl_data_ctx_free: Done
[1157] ssl_free: Done
[204] __ssl_cert_ctx_free: Done
[1167] ssl_ctx_free: Done
[1148] ssl_disconnect: Shutdown
fgd_ddns_extract_fcpr_rcode()-431: code=0
1767723996: Failed on update FortiGuardDDNS (test.fortiddns.com), due to internal/config/connect/io err
1767723996: Failed on update FortiGuardDDNS (test.fortiddns.com), next try in 60 seconds
1767723996: next wait timeout 9 seconds
1767724005: next wait timeout 10 seconds
1767724015: next wait timeout 10 seconds
1767724025: next wait timeout 10 seconds
1767724036: next wait timeout 10 seconds
1767724046: next wait timeout 9 seconds

The debug logs show repeated failures when updating the FortiGuard DDNS entry due to an internal connection or I/O error.
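
When reviewing a saved capture of this debug output, the failure pattern above can be pulled out with a short parser. The Python below is an added example, not Fortinet code; it assumes the leading number on each line is a Unix epoch timestamp in seconds, and the names summarize_ddns_failures and SAMPLE are hypothetical.

```python
import re
from datetime import datetime, timezone

# Sample input: debug lines copied from the capture in this article.
SAMPLE = """\
[1148] ssl_disconnect: Shutdown
fgd_ddns_extract_fcpr_rcode()-431: code=0
1767723996: Failed on update FortiGuardDDNS (test.fortiddns.com), due to internal/config/connect/io err
1767723996: Failed on update FortiGuardDDNS (test.fortiddns.com), next try in 60 seconds
1767723996: next wait timeout 9 seconds
1767724005: next wait timeout 10 seconds
"""

# "<epoch>: Failed on update <server> (<domain>), <detail>"
FAIL_RE = re.compile(r"^(\d+): Failed on update (\S+) \(([^)]+)\), (.+)$")
RETRY_RE = re.compile(r"next try in (\d+) seconds")

def summarize_ddns_failures(text):
    """Group 'Failed on update' lines by (server, domain).

    Assumption: the leading integer is a Unix epoch timestamp in seconds.
    Lines sharing a timestamp are counted as one failed update attempt.
    """
    summary = {}
    for line in text.splitlines():
        m = FAIL_RE.match(line.strip())
        if not m:
            continue  # SSL teardown and wait-timeout lines are ignored
        epoch, server, domain, detail = m.groups()
        entry = summary.setdefault(
            (server, domain),
            {"epochs": set(), "reasons": set(), "retry_seconds": None},
        )
        entry["epochs"].add(int(epoch))
        retry = RETRY_RE.fullmatch(detail)
        if retry:
            entry["retry_seconds"] = int(retry.group(1))
        elif detail.startswith("due to "):
            entry["reasons"].add(detail[len("due to "):])
    for entry in summary.values():
        epochs = entry.pop("epochs")
        entry["attempts"] = len(epochs)
        entry["first_failure_utc"] = datetime.fromtimestamp(
            min(epochs), tz=timezone.utc
        ).isoformat()
    return summary

if __name__ == "__main__":
    for key, info in summarize_ddns_failures(SAMPLE).items():
        print(key, info)
```

A rising attempts count for the same domain across a longer capture indicates the update is still failing on every retry interval.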

The issue has been addressed and will be fixed in FortiOS 7.6.6.