Skip to main content
AEK
SuperUser
AEK
SuperUser
April 16, 2024
Solved

upd_act_update[515]-won't retry due to install error

  • April 16, 2024
  • 2 replies
  • 2629 views

Hi FG admins

On my FortiGate 7.2.3, freshly transferred to another FortiCloud account successfully, when I click force update license & signatures it doesn't work and it shows the below output.

Any idea on what can be the issue before I open a ticket?

upd_daemon[1808]-Received update request from pid=1621
upd_daemon[1628]-Found cached action=00000002
do_update[665]-Starting now UPDATE (final try)
__update_upd_comp_by_settings[480]-Disabling FLEN components.
__update_upd_comp_by_settings[484]-Disabling NIDSDB/ISDB/MUDB components.
__update_upd_comp_by_settings[488]-Disabling APPDB/IOTDB/OTDB components.
__update_upd_comp_by_settings[492]-Disabling AVEN components.
__update_upd_comp_by_settings[496]-Disabling AVDB/FLDB/MMDB components.
upd_fds_get_next_server[609]-no route, skip addr=[[2620:101:9000:140:173:243:140:6]], weight=1073736430
upd_fds_get_next_server[609]-no route, skip addr=[[2620:101:9000:140:173:243:140:6]], weight=1073736430
upd_fds_get_next_server[609]-no route, skip addr=[[2620:101:9000:140:173:243:140:6]], weight=1073736430
upd_comm_connect_fds[459]-Trying FDS 173.243.140.6:443
[116] __ssl_cert_ctx_load: Added cert /etc/cert/factory/root_Fortinet_Factory.cer, root ca Fortinet_CA, idx 0 (default)
[497] ssl_ctx_use_builtin_store: Loaded Fortinet Trusted Certs
[517] ssl_ctx_use_builtin_store: Enable CRL checking.
[524] ssl_ctx_use_builtin_store: Enable OCSP Stapling.
[828] ssl_ctx_create_new: SSL CTX is created
[855] ssl_new: SSL object is created
[194] ssl_add_ftgd_hostname_check: Add hostname checking 'globalupdate.fortinet.net'
[347] __ssl_crl_verify_cb: CRL not found. Depth 0
__upd_peer_vfy[334]-Server certificate OK.
__upd_peer_vfy[334]-Server certificate OK.
__upd_peer_vfy[334]-Server certificate OK.
__upd_peer_vfy[334]-Server certificate OK.
[399] __bio_mem_dump: OCSP status good

upd_pkg_create_update_req[691]-Update comp 0xbbe64af0
upd_cfg_extract_antiphish_pattern_db_version[865]-Failed antiphish pattern db version, obj 31
pack_obj[185]-Packing obj=Protocol=3.2|Command=Update|Firmware=FG101F-FW-7.04-2573|SerialNumber=FG101FTKxxxxxxxx|UpdateMethod=0|AcceptDe
lta=1|DataItem=07004000DBDB00100-00000.00000-0101010000*07004000CIDB00100-00001.00159-2402010000*07004000IPGO00000031722304130223*000000
00FCNI00000-00000.00000-0000000000*00000000FDNI00000-00000.00000-0000000000*01000000FSCI00100-00000.00000-0000000000*07004000FFDB01908-0
0000.00000-0101010000*07004000UWDB00100-00000.00000-0101010000*07004000CRDB00000-00001.00050-2404031733*07004000SFAS00000-00000.00000-01
01010000*07004000MCDB00100-00000.00000-0101010000*01000000ALCI00000-00000.00000-0000000000*07004000MADB00200-00001.00143-2212060900*0700
4000AFDB00100-00000.00000-0000000000*07004000ICDB00101-00000.00000-0101010000*07004000DLDB00000-00000.00000-0101010000*07004000FMWP00105
-00000.00000-0101010000*07004000CASB00201-00001.00004-2312050218

get_fcpr_response[297]-Unpacked obj: Protocol=3.2|Response=300|Firmware=FPT033-FW-6.9-0201|SerialNumber=FPT-FGT
-DELL0405|Server=FDSG|Persistent=false|PEER_IP=x.x.x.x|ResponseItem=07004000DBDB00100:200*07004000CIDB00100:200*07004000IPGO00000:
200*00000000FCNI00000:200*00000000FDNI00000:200*07004000FFDB01908:200*07004000UWDB00100:200*07004000CRDB00000:204*07004000SFAS00000:200*
07004000MCDB00100:200*07004000MADB00200:200*07004000AFDB00100:200*07004000ICDB00101:200*07004000DLDB00000:401*07004000FMWP00105:200*0700
4000CASB00201:200*01000000FSCI00100:200*01000000ALCI00000:200
installUpdatePackage[1227]-Online Update freezed, expiry=661eb6e8, current=661ead11
upd_install_pkg[1394]-Failed pkg install (-14)
__upd_act_update[310]-Failed installing pkg
upd_comm_disconnect_fds[500]-Disconnecting FDS 173.243.140.6:443
[207] __ssl_data_ctx_free: Done
[1108] ssl_free: Done
[199] __ssl_cert_ctx_free: Done
[1118] ssl_ctx_free: Done
[1099] ssl_disconnect: Shutdown
upd_comm_connect_fds[459]-Trying FDS 173.243.140.6:443
[116] __ssl_cert_ctx_load: Added cert /etc/cert/factory/root_Fortinet_Factory.cer, root ca Fortinet_CA, idx 0 (default)
[497] ssl_ctx_use_builtin_store: Loaded Fortinet Trusted Certs
[517] ssl_ctx_use_builtin_store: Enable CRL checking.
[524] ssl_ctx_use_builtin_store: Enable OCSP Stapling.
[828] ssl_ctx_create_new: SSL CTX is created
[855] ssl_new: SSL object is created
[194] ssl_add_ftgd_hostname_check: Add hostname checking 'globalupdate.fortinet.net'
[347] __ssl_crl_verify_cb: CRL not found. Depth 0
__upd_peer_vfy[334]-Server certificate OK.
__upd_peer_vfy[334]-Server certificate OK.
__upd_peer_vfy[334]-Server certificate OK.
__upd_peer_vfy[334]-Server certificate OK.
[399] __bio_mem_dump: OCSP status good

upd_pkg_create_update_req[691]-Update comp 0xbbe64af0
upd_cfg_extract_antiphish_pattern_db_version[865]-Failed antiphish pattern db version, obj 31
pack_obj[185]-Packing obj=Protocol=3.2|Command=Update|Firmware=FG101F-FW-7.04-2573|SerialNumber=FG101FTKxxxxxxxx|UpdateMethod=0|AcceptDe
lta=0|DataItem=07004000DBDB00100-00000.00000-0101010000*07004000CIDB00100-00001.00159-2402010000*07004000IPGO00000031722304130223*000000
00FCNI00000-00000.00000-0000000000*00000000FDNI00000-00000.00000-0000000000*01000000FSCI00100-00000.00000-0000000000*07004000FFDB01908-0
0000.00000-0101010000*07004000UWDB00100-00000.00000-0101010000*07004000CRDB00000-00001.00050-2404031733*07004000SFAS00000-00000.00000-01
01010000*07004000MCDB00100-00000.00000-0101010000*01000000ALCI00000-00000.00000-0000000000*07004000MADB00200-00001.00143-2212060900*0700
4000AFDB00100-00000.00000-0000000000*07004000ICDB00101-00000.00000-0101010000*07004000DLDB00000-00000.00000-0101010000*07004000FMWP00105
-00000.00000-0101010000*07004000CASB00201-00001.00004-2312050218

get_fcpr_response[297]-Unpacked obj: Protocol=3.2|Response=300|Firmware=FPT033-FW-6.9-0201|SerialNumber=FPT-FGT
-DELL0402|Server=FDSG|Persistent=false|PEER_IP=x.x.x.x|ResponseItem=07004000DBDB00100:200*07004000CIDB00100:200*07004000IPGO00000:
200*00000000FCNI00000:200*00000000FDNI00000:200*07004000FFDB01908:200*07004000UWDB00100:200*07004000CRDB00000:204*07004000SFAS00000:200*
07004000MCDB00100:200*07004000MADB00200:200*07004000AFDB00100:200*07004000ICDB00101:200*07004000DLDB00000:401*07004000FMWP00105:200*0700
4000CASB00201:200*01000000FSCI00100:200*01000000ALCI00000:200
installUpdatePackage[1227]-Online Update freezed, expiry=661eb6e8, current=661ead44
upd_install_pkg[1394]-Failed pkg install (-14)
__upd_act_update[310]-Failed installing pkg
upd_comm_disconnect_fds[500]-Disconnecting FDS 173.243.140.6:443
[207] __ssl_data_ctx_free: Done
[1108] ssl_free: Done
[199] __ssl_cert_ctx_free: Done
[1118] ssl_ctx_free: Done
[1099] ssl_disconnect: Shutdown
upd_act_update[515]-won't retry due to install error
do_update[675]-UPDATE failed

 

Best answer by hbac

Hi @AEK,

 

Based on the debug output, I think it just needed some time. If it was working before, you can try again and it should work. 

 

Regards, 

2 replies

johnathan
Staff
johnathan
Staff
April 16, 2024

Is there anything configured under 'config system fortiguard'?
I would take a PCAP on the WAN interface while doing the update just to see what is going on.
I can see that the error is very generic, does not give a specific reason for failure.

Never trust a computer you can't throw out a window.
    hbac
    Staff
    hbacAnswer
    Staff
    April 17, 2024

    Hi @AEK,

     

    Based on the debug output, I think it just needed some time. If it was working before, you can try again and it should work. 

     

    Regards, 

      AEK
      SuperUser
      AEKAuthor
      SuperUser
      April 17, 2024

      Thanks hbac.. It worked alone after few hours.

      AEK
      Terms & ConditionsAccessibility statement