Unable To Load Fortiguard Ddns Servers List On Fortigate Firewalls May 2026

This error prevents the firewall from fetching the official list of supported DDNS providers (such as FortiGuard DDNS, No-IP, or DynDNS) from Fortinet’s servers. Without this list, you cannot select a provider, configure the service correctly, or update your dynamic IP.

In this deep-dive article, we will explore the root causes of this error, provide step-by-step diagnostic commands, and walk through permanent fixes—from DNS configuration to FortiGuard web filtering overrides. When you navigate to Network > DNS or Network > DDNS and attempt to edit or create a new DDNS entry, the FortiGate must query Fortinet’s central servers (typically guard.fortinet.net or service.fortinet.com ) to retrieve an XML or JSON list of supported DDNS providers. The error "unable to load fortiguard ddns servers list" indicates that the HTTP/HTTPS request to these endpoints failed.

config system fortiguard set fortiguard-anycast disable set protocol udp set port 8888 set sdns-server-ip "208.91.112.220" end Then restart the FortiGuard service: This error prevents the firewall from fetching the

If all else fails, remember that the CLI bypasses this list entirely. You can configure any supported DDNS provider manually and achieve full functionality without ever seeing the graphical list.

config system ddns edit 1 set ddns-server noip # Options: dyndns, noip, FortiGuardDDNS set ddns-domain "yourhost.no-ip.com" set ddns-username "user" set ddns-password "pass" set interface "wan1" next end After a few minutes, verify update status: When you navigate to Network > DNS or

show system dns Ensure they are valid (e.g., 8.8.8.8 , 1.1.1.1 , or your internal resolvers). Also verify:

For persistent cases, engage Fortinet TAC with the diagnostic outputs from diagnose debug flow and execute curl to pinpoint the exact connectivity break. Share your experience or additional tips in the comments below. For more FortiGate troubleshooting, subscribe to our newsletter or check out our related guides on VPN stability and SD-WAN configuration. You can configure any supported DDNS provider manually

execute ping 8.8.8.8 If external pings fail, the routing or WAN interface is misconfigured. Even if ping works, HTTPS might be blocked. Test the actual service endpoint: