drumcode
New Member
May 16, 2013
Question

Webfilter Service down

  • May 16, 2013
  • 3 replies
  • 9338 views
I got a lot of error messages this morning. Web filter service error: no correct fortiguard information. What can I do? Wait?

    3 replies

    TechnoR05
    New Member
    May 16, 2013
    Make sure your license is showing as active/connected (Green), in the main Status menu, License information, FortiGuard Services. If not, check your license status on your Fortinet Service & Support account.
    drumcode (Author)
    New Member
    May 23, 2013
    thx, but there was definitely a problem with the Fortinet net. Now all is fine again. :)
    mbrowndcm
    New Member
    May 30, 2013
    I have this problem from one of our sites in Europe. It likely exists because the intercontinental route between the local ISP and the two data centers that house the servers falters occasionally:

      • update.fortiguard.net (antivirus and IPS)
      • service.fortiguard.net (web filtering and antispam)

    I have "solved" this problem by allowing "Allow Websites When a Rating Error Occurs" on the Web Filter policy. From the ticket:

    Here are a few troubleshooting tips. Fortiguard services are on a distributed network so if you do a dns lookup you can get different ip's depending on your location.

    1. To verify if the DNS is resolving, please execute the following from the CLI:

        # execute ping update.fortiguard.net (ANTIVIRUS AND IPS)
        # execute ping service.fortiguard.net (WEBFILTERING AND ANTISPAM)

    If still having problem with DNS, you can try clearing cache

        # diag test app dnsproxy 1

    2. Verify autoupdate status from the CLI:

        # diagnose autoupdate status

    You should see the following:

        IPS definition update: enable
        Virus definition update: enable set

    3. Check when the next scheduled update is set to occur and the version of all packages.

        # diagnose test update info

    4. Initiate sniffer on your unit to view traffic between your unit and Fortiguard update servers.

        # diag sniffer packet <Your_wan_interface> 'tcp port 443' 1

    If the connectivity to the update servers is available, you should see a TCP session (TCP 3way) with update server on TCP port 443.

        # execute update-now

    And check "Allow Push Update" option under System --> Maintenance --> FortiGuard --> "AntiVirus and IPS Options" section.

    For Override

        >nslookup
        >Fds1.fortinet.com
        Addresses : 174.137.33.89, 208.91.112.66, 216.156.209.20 (addresses to give in override)

      - AV and IPS updates
      - scheduled update should be enabled
      - Make sure with the FortiGate time settings

        # diagnose debug reset
        # diagnose debug enable
        # diagnose debug application update -1
        # execute update-now

    Also

        # get sys fortiguard-service status
    Just this morning I RMAed a firewall, performed the license transfer on the support site, then waited, and waited, and waited... I had to update both the web filter and the IPS definitions before 1) the support contract listed as current, 2) either set of UTM features functioned. Guess what I did while they weren't? Set the web filter to "Allow Websites When a Rating Error Occurs."
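
Steps 1 and 4 of the ticket quoted above (DNS resolution of the two FortiGuard names, then a TCP handshake to the update servers on port 443), run from a host behind the same site uplink rather than from the FortiGate CLI. This is an added example, not part of the original thread and not Fortinet tooling; the function names `resolve`, `tcp_open` and `check` are assumptions, and the result reflects that host's resolver and route, which can differ from the FortiGate's own.

```python
import socket

# Hostnames come from the ticket; TCP 443 is checked only for the update
# servers, the one port the ticket names. None means "DNS check only".
TARGETS = {"update.fortiguard.net": 443, "service.fortiguard.net": None}


def resolve(host):
    """Return the sorted IPv4 addresses the local resolver gives for host."""
    infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def tcp_open(ip, port, timeout=3.0):
    """True if a TCP three-way handshake to ip:port completes in time."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def check(targets=TARGETS, resolver=resolve, connector=tcp_open):
    """Classify each target as dns_fail, tcp_fail, partial or ok."""
    report = {}
    for host, port in targets.items():
        try:
            ips = resolver(host)
        except OSError:  # socket.gaierror is a subclass of OSError
            ips = []
        if not ips:
            report[host] = ("dns_fail", {})
            continue
        if port is None:
            report[host] = ("ok", dict.fromkeys(ips))
            continue
        # The service is distributed, so test every address DNS returned.
        reach = {ip: connector(ip, port) for ip in ips}
        if all(reach.values()):
            state = "ok"
        else:
            state = "partial" if any(reach.values()) else "tcp_fail"
        report[host] = (state, reach)
    return report


if __name__ == "__main__":
    for host, (state, detail) in check().items():
        print(f"{host}: {state} {detail}")
```

A `partial` result means only some of the resolved addresses answered, which matches the intermittent-route symptom described in the post.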