can i create site to site VPN with fortigate using DDNS?

I have M200 watchguard and trying to establish a site to site VPN with fortigate 40F
I have static legal IP for the Watchguard and dynamic legal IP for the fortigate
this is why we enabled DDNS on the fortigate and tested resolving the good IP
when i use the legal IP's the tunnel is up
When i use the DDNS of the fortigate on the watchguard as a remote the tunnel go down and the error check your remote ID
Although when i checked the domain nslookup i am getting the good IP.
When i return the legal IP on the watchguard the tunnel go up and work
Is there is an issue using DDNS between watchguard and fortigate?


  • Options

    There isn't an issue about using a domain name on the WG end.

    You can turn on diagnostic logging for IKE which may show something to help:
    In WSM Policy Manager: Setup -> Logging -> Diagnostic Log Level -> VPN -> IKE
    In the Web UI: System -> Diagnostic Log
    Set the slider to Information or higher

    If this doesn't help, consider opening a support incident.
    Support will probably want the IKE diagnostic logs in order to help.

Sign In to comment.