FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes how to update the DDNS with a public IP on an internal firewall. In previous FortiOS versions, defining a DDNS in a non-edge firewall would result in its association with an internal IP address, even if this IP address belongs to the WAN interface. Hence, the DDNS could not be reached from the Internet. Scope
In version 5.4, DDNS services are capable of registering the external NAT device’s IP address.
L | +------+ WAN1 +------+ Public ******** A +-----| FG | <-------> |Router| <-------> **INTERNET** N | +------+ +------+ ********
Solution In version 5.4 external NAT or public IP address can be associated to the DDNS service with the option "Use Public IP Address" in the GUI or with the command “use-public-ip” in CLI.
# config system ddns edit 1 set ddns-server FortiGuardDDNS set ddns-domain "fg-wan1.fortiddns.com" set use-public-ip enable set monitor-interface "wan1" next end
Once bound the public IP address will be shown in parenthesis in the GUI:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.