config system interface edit "wan1" set dns-server-override disable end Use code with caution. Copied to clipboard
Follow these structural solutions in sequence to restore normal GUI functionality. 1. Disable ISP DNS Overrides on WAN Interfaces
Go to Network > Interfaces , edit your active WAN interface, and uncheck Override internal DNS . Via the CLI: Disable ISP DNS Overrides on WAN Interfaces Go
Occasionally, the local cache of the FortiGuard data is corrupted. Force an update:
Check the status of your DDNS configuration and the server IP resolved by the FortiGate using the Fortinet Community Guide for detailed command outputs. If the GUI continues to fail
config system fortiguard set fortiguard-anycast disable set protocol udp set port 8888 # Optional: Try port 8888 if 53 is blocked end Use code with caution. Copied to clipboard
The issue "Unable to load FortiGuard DDNS server list" on FortiGate firewalls typically prevents you from selecting a DDNS server in the GUI, often occurring after firmware upgrades or due to DNS/network configuration conflicts. Common Root Causes causing the handshake to fail.
If using DHCP/PPPoE on your WAN, disable the setting that allows the ISP to override your DNS, as this often breaks FortiGuard resolution: Network > Interfaces > Edit WAN > Unselect Override internal DNS config system interface edit dns-server-override disable end Use code with caution. Copied to clipboard 3. Disable Anycast and Switch to UDP
: Some firmware versions have experienced a known bug where the FortiGuard DDNS server presents an SSL certificate for a different domain ( sdns.fortinet.net vs. ddns.fortinet.net ), causing the handshake to fail. Look for errors like "hostname mismatch" in your CLI debug logs. Applying the core CLI fixes often resolves this.
: If you are on an older version of FortiOS, consider upgrading to the latest stable release, as many DDNS resolution bugs were patched in recent builds.
If the GUI continues to fail, you can configure the DDNS settings directly via the CLI, which often bypasses GUI-based list loading issues. fortitenet