Troubleshooting Tip: FortiGate and FortiAnalyzer Connectivity Issues with Error ‘Failed to Get FAZ's Status - Hostname Resolution Failed’
| Description | This article describes a solution to resolve the connectivity failure between FortiGate and FortiAnalyzer when the error 'Failed to get FortiAnalyzer's status. Hostname resolution failed' is encountered. |
| Scope | FortiGate v7.2.8 |
| Solution | In this scenario, FortiGate and FortiAnalyzer firmware versions are compatible. When testing the connectivity between FortiGate and FortiAnalyzer, the following errors may occur: CLI:
execute log fortianalyzer test-connectivity Unknown host: Failed to get FAZ's status. Hostname resolution failed. (-21)
GUI:
The following errors are seen in the fgtlogd debug output:
2024-09-04 09:10:20 <21994> __faz_open_oftp()-315: Failed to get faz address for 2024-09-04 09:10:20 <21994> fgtlog_start_rmt_conn()-1849: could not create oftp connection for remote server global-faz
This issue has been resolved in FortiOS version 7.4.9 and 7.6.1.
Logs required by FortiGate TAC for Investigation:
Debugs:
diagnose debug application fgtlogd 255 diagnose debug application miglogd 255 diagnose debug application oftpd 8 X.X.X.X <- X.X.X.X is the FortiGate IP. Alternatively, a device name can be used, but an IP is preferred. diagnose sniffer migsock ssl-trace enable diagnose sniffer migsock start diagnose debug console timestamp enable diagnose debug enable
diagnose test application fgtlogd 1 diagnose test application fgtlogd 2 diagnose test application fgtlogd 4 diagnose test application fgtlogd 9
To disable the debugs, use the command 'diag debug disable'.
Sniffers:
diag sniffer packet any "host <Fortianaylzer_IP>" 6 0 l
TAC Report:
execute tac report
The configuration file of the FortiGate.
Workaround:
Reboot the FortiGate affected. |
