Dynamic DNS with EasyDNS and the Fortigate firewall


These instructions are for how to configure Dynamic DNS with the EasyDNS service on the Fortigate 20C firewall (and likely applicable to other models in the line). Though the Fortigate’s web interface supports dynamic DNS, it’s really limited and doesn’t appear to allow what we want.




Instead, we’ll use Secure Shell to connect to the unit and do this from the command line (“FW” in the prompt is the hostname of the firewall):



FW# config system ddns
FW (ddns) # edit 1
FW (1) set ddns-server easydns.com
FW (1) set ddns-domain "mymachine.example.com"
FW (1) set ddns-username "Steve"
FW (1) set ddns-password "YOUR_DDNS_TOKEN"
FW (1) set monitor-interface "wan"


This done, the unit will register IP changes on the monitored interface with EasyDNS.



Note: the intent of this post is only to discuss the Fortigate-specific parts of dynamic DNS, not to provide a comprehensive tutorial. This all assumes that:



  • Your DNS zone is hosted with EasyDNS.com
  • Your zone has dynamic DNS enabled
  • You have enabled dynamic updates for the hostname in question
  • You have generated a valid dynamic DNS token (used instead of a password)


EasyDNS support (via email) has been pretty responsive if their online references aren’t clear, and I was delighted to find that this configuration worked the first time I tried it.



References:




Source: Unix
“The Net interprets censorship as damage and routes around it.” — John Gilmore “The Net interprets bad licenses as damage and forks around it.” — me.