How to Configure Dynamic DNS on FortiGate Firewall

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi guys this is the Igor attack today I will show you how to configure Dynamic DNS or ddns on fortigate firewall Dynamic DNS allows you to access your device or website or even server from anywhere in the world even if that IP address is constantly being updated or changed it also allows us to overcome the issues related to Dynamic IP addresses an example is instead of entering your device IP address which is 1.1.1.1 you can simply use the Dynamic DNS which is abc.xyz.com to access your device even though the IP address changes to 2.2.2.2 or 3.3.3.3 we have two options for the ddns configuration the first option is using a single ddns for multiple Wan links the second option is to configure a dedicated ddns for each Wan link [Music] let's begin we will do first the first method which is to configure single DNS for multiple Wan links notice that I'm currently accessing the 40 gate device through the public IP address which is the wan1ip address this is my primary connection which we configured in the previous video therefore we will configure Dynamic DNS so that we can use it to access this device instead of using this public IP address go to network choose DNS for the DNS servers choose use 40guard servers now scroll down 40 guard ddns was disabled by default so we need to enable it for the interface we will use the primary connection which in my case is the WAN 1 or isp1 you can see the public IP address which we use to access the device alternatively we can also add all the other Wan links here we can add the WAN 2 which we configured pppoe and also the isp3 which we configured as DHCP if you configure pppoe with VLAN ID then you must add the VLAN interface not the physical interface we can add all the WAN interfaces from here we also configured failover method on the previous video so even though the isp-1 fails the ddns will go through isp2 and if isp2 fails it will go through isp3 if we scroll down we received a warning this interface has a private IP address which may not be publicly accessible this is because we added isb3 which we configured DHCP using a private IP address if you have another router before the 40 gate and if you configured a private IP address then you need to enable use public IP address I will explain this later on for this first method we will remove this isp3 then we will configure it later for the dedicated ddns which is the second method we will configure isp1 and isp2 to use only one Dynamic DNS again we are not going to enable use public IP address because for the isp1 we configured using the public fixed IP address and for isp2 we configured pppoe both of the interfaces are using public IP addresses for the server we have three free servers by default you can use third-party Dynamic DNS if you have for method one we will use 40ddns we will use 40 d y and DNS for method 2 which will be dedicated for isp3 for The Unique location you need to input a domain name usually the company name or any word for your reference if it's already in used or not available then it will show you some error which is domain not available you need to enter a different domain until you see it's available you can now see the newly created Dynamic DNS which in my case is taraki.40ddns.com now click ok to apply the changes we can now use this domain to access the device instead if using the public IP address even though the isb1 fails it will auto failover to isp2 or if you have a dynamic IP address and it automatically renewed we can still use the domain name regardless of what IP address of the WAN links now let's open a command prompt first is we're going to test ping my public IP address which is 1.100.1.5 it should be reachable since we enabled the Ping On the WAN interfaces on the previous video now let's try to Ping the Dynamic DNS which in my case is taraki.40ddns.com success notice the resolved IP address is the same with my public IP address which is 1.100.1.5 let's now test to access the firewall using the domain name we can simply copy the domain name and paste it on another tab using https as we enabled on the WAN interface the Dynamic DNS is now working we can ping and use it to access the device we can also use the Dynamic DNS for ipsec VPN sslvpn and even port forwarding you can check my other videos for those tutorials next is we are going to configure dedicated ddns for isp3 you can see it receives a private IP address because there's an ISP router before this 40 gate which is where the public IP address is configured for this second method we are going to configure it on the CLI because we can only configure one Dynamic DNS from the GUI or web interface unlike the CLI we can configure multiple Dynamic DNS you can follow these commands configure systemdns enter the command show to view the current ddns configuration we can see here the one we configured earlier the domain name which is taraki.40ddns.com also the monitoring interfaces which is when 1 and Wan 2 or isp1 and isp2 to add more Dynamic DNS run the command edit plus the sequence number we must follow the number sequence so we will use two or higher number but not one since it's already in used hit enter you can see that new entry 2 added and now we are at sequence 2. now we can copy the first Dynamic DNS configuration except for the ddns domain and monitoring interface set ddns server 40 guard ddns set ddns domain we can use the same unique word turaki but we need to change 40ddns to different free servers like 40D Y and DNS we can use taraki.40dyndns.com set monitor interface followed by the isb3 interface which is internal 5. we configured this Lan interface to be our Wan interface from the previous video if we go back to the interfaces and look at the isp3 it's using private IP address so we need to enable use public IP address set use public IP enable this is the same option from what we have seen on the GUI configuration earlier now if we enter the show command again we can see the two Dynamic DNS configured the first one is a single Dynamic DNS with multiple Wan links and the second one is dedicated Dynamic DNS using a private IP address these all depend on your preference you can configure dedicated Dynamic DNS for each ISP if you don't want to combine multiple Wan links for a single Dynamic DNS if we go back to the GUI interface and check the ddns configuration notice that we can only see one Dynamic DNS this is because GUI or web will only show one Dynamic DNS which is the first one you configured you can only view other Dynamic DNS configurations from CLI console well I hope by now you know how to configure Dynamic DNS that's all for today's demonstration and I really hope you like this video if you are new to my channel please don't forget to like share subscribe and click on the notification Bell for more amazing tutorials thank you and see you in the next video
Info
Channel: IgoroTech Official
Views: 15,325
Rating: undefined out of 5
Keywords: How to Configure Dynamic DNS on FortiGate Firewall - google.com, How to Configure Dynamic DNS on FortiGate Firewall - youtube.com, fortigate dynamic dns, fortigate firewall dynamic dns, fortinet dynamic dns, dynamic dns, fortigate firewall, fortinet firewall, dynamic dns configuration, fortigate firewall dynamic dns - google.com, fortigate firewall dynamic dns - youtube.com, configuration, setup, ddns, setup fortigate, setup fortigate firewall, configure fortigate firewall, fortiguard
Id: fNGrx3gT6wQ
Channel Id: undefined
Length: 8min 33sec (513 seconds)
Published: Wed Apr 05 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.