All,
Successfully upgrading a FortiGate 200F results in a broken FortiDDNS application. The FortiDDNS server list no longer populates with a list of available domains which breaks the service. Rebooting the firewall does not solve the problem. Further, the maintenance tunnel through FortiCloud will not connect to the system. Has anyone else experienced this issue? Is there a solution to this?
If the FortiDDNS service is important to you, then I recommend against upgrading to FortiOS 6.4.2 until this is addressed.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
Try using the below commands and see if that fixes the DDNS issue or not :
# config system fortiguard
# set fortiguard-anycast disable
# set protocol udp
# end
- Let me know if that helps or not.
Kind Regards,
Patel
Hi wlerner,
I don't use Fortigate's DDNS- but I thought I'd have a look and see if I saw the same problem. I am running 6.4.2 on a 60E.
The short answer is I don't seem to see what you are seeing.
I do seem to have the servers list populated and I can choose a "unique location" and it tells me that I can use (or not!) the unique location I choose.
I've not tried applying the config (since I'm using static public addresses and standard DNS resolution) but it looks ok to me.
I have had issues with the "anycast" FortiGuard servers so I'm currently using Fortiguard over UDP on port 8888. Not sure if this is likely to impact what you are seeing?
Hope that helps your fault finding.
Kind Regards,
Andy.
I am experiencing this issue with a FortiGate 200F connected to the Internet through Cox as well as a FortiGate 81E connected through Xfinity. Both were upgraded to 6.4.2 and are experiencing the same issue. I have rebooted both systems a number of times as well as checked the configuration on the command line to no avail.
I am glad you are not having any issues and your post is helpful. Maybe this is an issue limited to certain areas or providers, I do not know. It is odd that it is happening in 2 different devices located on the East and West coast of the US. I will continue to wait for more information. Thanks.
I have a FG-60F and also upgraded from 6.2.3 ---> 6.4.0 ---> 6.4.2. During the upgrade process, I had FortiDDNS service intact on FortiOS 6.2.3 & 6.4.0. When I upgraded to 6.4.2, FortiDDNS service broke. No longer could see the Fortiguard DDNS servers. I have an active support ticket addressing this issue. I might get it resolved with Fortinet Support tomorrow, Monday. If so, I'll post resolution.
Note: I did take a look at my previous configs to compare. I tried to cli and input "config system ddns" on FortiOS v6.4.2, but still no go.
============
F/W: 6.2.3_build6188 - Working FortiDDNS Service
config system dns set primary 208.91.112.53 set secondary 208.91.112.52 end config system ddns edit 1 set ddns-server FortiGuardDDNS set ddns-domain "My Unique Location.fortiddns.com" set monitor-interface "wan1" next end
============
F/W: 6.4.0_build6025 - Working FortiDDNS Service
config system dns set primary 208.91.112.53 set secondary 208.91.112.52 end config system ddns edit 1 set ddns-server FortiGuardDDNS set ddns-domain "My Unique Location.fortiddns.com" set monitor-interface "wan1" next end ============
F/W: 6.4.2_build1723 - Non-Working FortiDDNS Service
config system dns set primary 208.91.112.53 set secondary 208.91.112.52 end ============
Hi,
Try using the below commands and see if that fixes the DDNS issue or not :
# config system fortiguard
# set fortiguard-anycast disable
# set protocol udp
# end
- Let me know if that helps or not.
Kind Regards,
Patel
Hello Patel, The CLI edit you advised restored my Fortiguard DDNS service on FortiOS v6.4.2. Thank You! James
I have applied the commands recommended by Patel and they successfully restored the FortiDDNS service after a brief period of time due to the changing of protocols to UDP. The solution restored my service as well on version 6.4.2. Thank you Patel!
Hi,
Glad that these commands fixed it. Welcome.
Regards,
Patel
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1731 | |
1105 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.