Run the following commands to switch to the Fortinet-preferred UDP protocol:
If the issue persists,g., single WAN vs. SD-WAN) for more tailored troubleshooting steps.
"Unable to load FortiGuard DDNS server list" on a FortiGate firewall typically occurs due to a communication failure between the device and the FortiGuard network, often caused by DNS overrides, protocol mismatches, or Anycast issues. Immediate Fixes Disable DNS Server Override
Ensure policy from FortiGate’s internal interface to WAN allows HTTPS (443) to *.fortiguard.net and *.fortiddns.com . Run the following commands to switch to the
config system ddns edit 1 set ddns-server "fortiguard.net" # or "dyndns.org", "no-ip.com" set ddns-domain "yourhost.example.com" set ddns-username "yourusername" set ddns-password "yourpassword" set interface "wan1" set use-public-ip enable next end
This public link is valid for 7 days and shares a thread, including any personal information you added. This link or copies made by others cannot be deleted. If you share with third parties, their policies apply. Can’t copy the link right now. Try again later.
If the FortiGate is deployed in an internal network segment without direct internet access, ensure the interface designated for "Management" traffic can reach the internet. Immediate Fixes Disable DNS Server Override Ensure policy
Some ISPs or upstream firewalls block low-numbered ports, including UDP port 53, which is used by FortiGuard by default. Try changing the FortiGuard port to the alternate port 8888 (TCP) in the FortiGuard settings to see if that resolves the issue.
Ensure the device can reach the internet and resolve Fortinet domains using the FortiGate CLI execute ping service.fortiguard.net execute ping update.fortiguard.net 2. Fix DNS Overwrites
The error message "Unable to load FortiGuard DDNS server list" typically appears when accessing the DDNS configuration section under . When this occurs, the dropdown menu for selecting a DDNS server remains empty, making it impossible to complete the setup through the graphical user interface (GUI). If you share with third parties, their policies apply
Occasionally, the issue is isolated to the web interface. The FortiGate may still be able to update DDNS correctly, but the GUI fails to display the server list. In such cases, using the command-line interface (CLI) provides a reliable alternative.
: Verify your license status in the Dashboard > Status widget.
