Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vjoshi_FTNT
Staff
Staff

Created on ‎03-15-2005 12:00 AM Edited on ‎05-24-2023 11:59 PM By Community Manager

Article Id 190821

FortiGuard license is expired log messages

Description

 

The article explains why FortiGate records some Event Logs saying that the FortiGuard license is expired.
What happens if the FortiGuard contract is expired and What happens if the FortiGate license expires?

 

Scope


FortiGate.

 

Solution


The reason why these log messages appear may be due to one or more of the following reasons:

 

1) Trial or Evaluation period has expired:
When the status of FortiGuard-Web or FortiGuard-AntiSpam is checked on the GUI or activate one (or more) of these for the first time, a 30-day trial period for the respective feature begins.
After the trial period, log messages such as the following will begin to appear, notifying you that the Trial is over.

2016-03-07 09:17:07 device_id=FGTxxxxxxxxxxxxx log_id=0100020101 type=event subtype=system pri=critical msg="Fortiguard license is expired"

 

2) Contract is over:
If a FortiGuard Contract is purchased, and theFortiGuard contract is not renewed, the log messages like the one below indicate that the FortiGuard license has expired:

2016-03-01 21:35:58 device_id=FGTxxxxxxxxxxxxx log_id=0100020101 type=event subtype=system pri=critical msg="Fortiguard license is expired"


What happens if the FortiGuard contract is expired:

If the license is not renewed the following features will stop working:
- FortiGuard web filter will lose connection, so FortiGuard category-based web filtering will stop working (policies, where Web filter is applied, will block traffic)
However, if there is Static URL filtering applied, that will be still work as per the configured entries.
This is not practical and it works for specific setups only where they must allow access to specific URLs and the rest to be blocked
- AV and IPS scanning will still continue to work, but the signature databases will not be updated to the FortiGate.
This is very important as the firewall will no longer offer protection against new threats

- any feature that requires connectivity with the FortiGuard network will no longer benefit from that connectivity
- FortiGateVM licenses will lose GUI access for management (limited only to upload a new license file). CLI access is allowed.

 

Note:

In certain (older) FortiOS builds these messages may be displayed even if the contract is valid (bug). Those versions are no longer supported. Update to a supported FortiOS version first:

https://support.fortinet.com/Information/ProductLifeCycle.aspx / Software

Labels:
36284
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.