Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Are those IPs matching between the IPs wan1/wan2 currently have and the IPs the FQDNs (like xxxx and yyyy.fortiddns.com) resolve to? For the latter, you can see them in GUI under Network->DNS in FortiGuard DDNS section, or simply ping the FQDNs from a cmd window.
Toshi
Having DDNS on 2 WAN connection for redundany may work but not recommended as it would take time for the IP to get updated.
Kindly check this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiDDNS-priority-of-monitor-interfaces/t...
If you are unable to access the firewall using the DDNS could you check if this DDNS resolves to your public address?
If you are using custom admin-sport to access the Fortigate, make sure that it is added on the url as well.
Hi rvillaroman, both ddns can resolve to the corresponding public ip address and also can ping.
After disable either wan1 or wan2, I can access the FW using the corresponding fqdn. I don't know why ?
Hi @Andrew_C,
As suggested by Toshi_Esumi, please make sure the FQDN is resolving to the correct IP address. Also, if you want to access the FortiGate GUI, make sure you have HTTPS enabled under administrative access of both wan interfaces.
Regards,
Hi hbac, both ddns can resolve to the corresponding public ip address and also can ping, https has enabled on both wan interfaces.
After disable either wan1 or wan2, I can access the FW using the corresponding fqdn. I don't know why ?
Hi @Andrew_C,
Are you using custom admin-sport or only default 443?
If you are using custom admin-sport, kindly use it on the URL.
Also, is your Fortigate accessible using the corresponding public IP address?
If it is also not accessible by using its corresponding public IP address, you might have a VIP configured on your device that is catching the GUI access requests.
Best Regards,
Created on 05-25-2024 09:45 PM Edited on 05-25-2024 09:47 PM
Hi rvillaroman, default 443 is used and if both wan are enabled, I can't access the fw even using fqdn or ip address.
Do you have any VIPs configured on the FW?
If yes, are you using your public IP on these external-to-internal mappings?
If you have, make sure that you are not using 443.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1702 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.