Troubleshooting Tip: FortiAnalyzer has a valid license for FortiAI but is facing an issue when using it

Nur · ‎08-04-2025

Description

This article describes the issue when FortiAnalyzer has a valid license for FortiAI but is facing an issue when using it.

download_(11)(1).png

Scope

FortiAnalyzer, FortiManager, FortiAI.

Solution

Verify if FortiAnalyzer has a valid contract.

FAZ-150G # diagnose fmupdate dbcontract
FAZ15GT224XXXXXX [SERIAL_NO]
AccountID: XXXXXXXXXXX
Industry:
Company: XXXXXXXXXXXX
Contract: 6
AISN-1-06-20280725
ENHN-1-10-20251022
FMWR-1-06-20251022
FRVS-1-06-20251022
HDWR-1-04-20260724
SPRT-1-10-20251022
Contract Raw Data:
Contract=AISN-1-06-20280725:0:1:1:0*XXXXXXXXXXXXXX|AccountID=XXXXXXXXX|Company=XXXXXXX|UserID=XXXXX

Verify if FortiAnalyzer can reach the AI server:

diagnose system aiserver get

FMG-VM64 # diagnose system aiserver get
Current server is https://fortiai.forticloud.com

diagnose system aiserver test

* Host fortiai.forticloud.com:443 was resolved.
* IPv6: (none)
* IPv4: 154.52.20.214
* Trying 154.52.20.214:443...
* Connected to fortiai.forticloud.com (154.52.20.214) port 443

exe ping <aiserver IP> <----- The IP can be obtained from the output of the first command.

If FortiAnalyzer unable to reach the AI server via 'diagnose system aiserver test':

Possible to change the DNS IP
If using internal DNS IP, ensure that DNS can resolve the AISERVER.

Make sure fortiai.forticloud.com FQDN has been whitelisted in FortiGate (if FortiGate is in front of the FortiAnalyzer).
Ensure that the user attempting to access the AI chat has the 'FortiAI user' option enabled as below:

Troubleshooting Tip: FortiAnalyzer has a valid license for FortiAI but is facing an issue when using it

You are leaving our website