change default dns port

nordik24 · ‎03-31-2016

Hi

Im having troubles configuring DDNS on my fortigate. My ISP is blocking dns for fortigates servers 208.91.112.53 and 208.91.112.53. Is there a way to configure DDNS with my ISPs dns server? Can i change the default port fortigates uses for dns?

thanks

Carlos

Dave_Hall · ‎04-02-2016

The Fortigate only supports DDNS services whose client software is built-in into the fgt firmware. Just configure your fgt to use one of the officially supported DDNS services. If your ISP is forcing you to use their DNS servers then by all means do that -- all you are really doing with DDNS is "updating" an outside DNS record with your public IP - your ISP's DNS servers should still be able to "resolve" the FQDN hostname back to your public IP address.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

View solution in original post

Dave_Hall · ‎04-02-2016

The Fortigate only supports DDNS services whose client software is built-in into the fgt firmware. Just configure your fgt to use one of the officially supported DDNS services. If your ISP is forcing you to use their DNS servers then by all means do that -- all you are really doing with DDNS is "updating" an outside DNS record with your public IP - your ISP's DNS servers should still be able to "resolve" the FQDN hostname back to your public IP address.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

nordik24 · ‎04-02-2016

but if i want to use Foriguards DDNS, is it then required to have fortinets DNS servers? I ask because when i choose to specify DNS servers the option for using fortiguards DDNS disappears

/carlos

rwpatterson · ‎04-03-2016

nordik24 wrote:
but if i want to use Foriguards DDNS, is it then required to have fortinets DNS servers? I ask because when i choose to specify DNS servers the option for using fortiguards DDNS disappears

/carlos

Looks like you are confusing two issues:

[ul]

DNS (Domain Name Service) simply resolves IP addresses from fully qualified domain names. Your ISP will usually only allow their servers or possibly an open DNS server for DNS resolution.

DDNS (Dynamic Domain Name Service) will dynamically map your IP address to a name (to be used in DNS lookups).[/ul]

Once the DNS issue is straightened out and the FGT is able to resolve names, then the FGT will resolve your DDNS server's name and your DDNS registration should take place.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

ede_pfau · ‎04-03-2016

Indeed, sniffing DDNS update requests from a FGT (running v5.2.x) reveals that FortiOS contacts "members.dyndns.org" which it then has to resolve to an IP address. Then it contacts and updates the DDNS record with DynDNS (as an example).

AFAIK Fortinet's DDNS is integrated with Fortinet's DNS (same address). That would explain why the DDNS option is dropped when none of the system DNS is pointing to Fortinet's DNS.

One workaround would be to not use Fortinet's DDNS but any other DDNS service like Dyn. That of course would cost something. Maybe your ISP is willing to pay for that.

Ede Kernel panic: Aiee, killing interrupt handler!

nordik24 · ‎04-05-2016

hi

thanks for your answers.

What i mean if i choose the specify the dns server, the ddns options disappears

Please see attached picture

so my question is, can i still use fortines ddns when specifying the dns server?

change default dns port

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website