Unable To Load Fortiguard Ddns Servers List On Fortigate Firewalls -

For immediate relief, manually configuring the DDNS entry via CLI bypasses the list loading step entirely. However, for long-term health, ensure the FortiGate can reach services.fortiguard.net over HTTPS with correct time and valid certificates.

config system fortiguard unset fortiguard-anycast set fortiguard-address "services.fortiguard.net" end Then retry. If the FortiGate is behind an explicit proxy, configure it to use the proxy for FortiGuard updates: For immediate relief, manually configuring the DDNS entry

If all else fails, Fortinet TAC can provide hotfixes or engineering builds for stubborn cases – but 98% of cases are resolved by the steps above. Always test changes in a maintenance window and have a rollback plan. DDNS failure does not impact general internet traffic, but it will break hostname-to-IP updates for remote access or site-to-site VPNs relying on DDNS. If the FortiGate is behind an explicit proxy,

get system status | grep "Date" Compare with actual UTC. If incorrect, configure NTP: get system status | grep "Date" Compare with actual UTC

Introduction FortiGate firewalls offer a built-in Dynamic DNS (DDNS) client that works seamlessly with Fortinet’s own FortiGuard DDNS service (e.g., *.fortiddns.com ). However, administrators occasionally encounter a frustrating issue: when attempting to configure DDNS, the firewall displays the error: "Unable to load FortiGuard DDNS servers list." This message typically appears in the GUI under Network > DNS > Dynamic DNS when clicking the dropdown for server selection, or during CLI operations. Without access to this list, you cannot select the FortiGuard DDNS service, making dynamic updates impossible.