Help
Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

cutanda
New Contributor

Created on ‎03-05-2018 03:51 PM

Cannot update software

Hi,
my fortigate 60D is blocking one of our software updates.
I can update if no device and I already do the reset, even allowing all traffic policy just to test.
any idea?

PS: not also sure what port the software is using.



Thanks!

Hanivar

Labels:
361
0 Kudos
3 REPLIES 3
rmoussa
Contributor

Created on ‎03-06-2018 08:54 AM

If you are allowing all traffic and still the update is being blocked.

You might try to select inspect all port inside the ssl inspection profile (If you are using ssl inspection) 

Rony Moussa

NSE Certified : Level 8

Rony Moussa
Fortinet NSE Certified: Level 8
Rony MoussaFortinet NSE Certified: Level 8
348
0 Kudos
DrWolfgangBeneicke1
New Contributor III
In response to rmoussa

Created on ‎03-07-2018 10:56 PM

Unfortunately, the description is quite vague.

If you cannot find any messages in the Log&Report section, there are 2 further UTMs which drop traffic:

- botnet blacklist

- Application control

The "block botnet C&C address" feature can be enabled in the interface setup ('wan1' for example) or in the policy allowing internet access. If you disable this the blacklist will not be effective anymore.

For AppControl, the category 'Malicious Websites' is always enabled regardless of other user-chosen categories. For testing, disable any UTM feature in the policy 'lan' -> 'wan1', like AV, IPS, AC, WF or SSL inspection.

The real question is if this is wise - the FGT nearly never produces false positives in my experience. The source of your sw update might well be compromised.

348
0 Kudos
SCSIraidGURU1
New Contributor

Created on ‎09-09-2020 02:32 PM

Which software updates?  What does forward traffic report?
348
0 Kudos
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.