Technical Tip: CLI commands to verify status of the FortiGuard auto-update status

The following command returns information about the status of the auto-update service including the FDN availability, scheduling option, tunneling option, and if it is updated, as well as the virus response IPS definition.

If availability is shown, information will be provided about the last successful update or unsuccessful attempt.

get system auto-update status

If FDN connectivity is available:

The output is as follows if it failed:

Another command that gives a similar output as above:

diagnose autoupdate status

If the FDN availability is showing unavailable, to verify connectivity to the FortiGuard servers and ensure the FortiGate device is correctly resolving DNS, use the following commands to ping the specified hostnames:

execute ping service.fortiguard.net
execute ping update.fortiguard.net
execute ping guard.fortinet.net

Additionally, run the FortiGuard debug commands to gather information and retrieve the latest updates from the FortiGuard servers:

diagnose debug reset
diagnose debug console timestamp enable
diagnose debug application update -1
diagnose debug enable
execute update-now

Related articles:

Technical Tip: CLI commands to verify status of the FortiGuard service

Troubleshooting Tip: Unable to connect to FortiGuard servers