FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
This article describes error messages seen when FortiClient fails to retrieve a list of available servers for signature updates.

Domain, port 80 has to be allowed or whitelisted in firewall in order for FortiClient to connect to it to retrieve a list of servers available to download signature updates.

To check the list of servers’ IP addresses retrieved by FortiClient, go to About -> Diagnostic Tool -> Run Tool.
A '' file will be created.
Extract it, go to FDS folder and look for 'CheckUpdate.xml'.
Edit 'CheckUpdate.xml' file and a list of IP addresses retrieved will be displayed.

Telnet to port 8889 to the list of server IP addresses can be done to verify FortiClient’s connectivity to connect to update servers for signature updates.