FortiGate
kishizuka_FTNT
Article Id 410115
Description

This article describes technical guidance for scenarios where FortiManager is used solely as a Local FDS (FortiGuard Distribution Server) without registering FortiGate devices.

If a device is hidden in Device Manager, update operations may fail. This behavior occurs because FortiGate devices that are hidden in the FortiManager device list are not eligible for Local FDS updates.

Scope

Product: FortiGate, FortiManager.

Feature: Local FDS.

Versions: All supported versions.

Solution

FortiManager allows the use of the Local FDS feature without registering FortiGate devices. In this mode, unregistered devices appear in the Device Manager as Unregistered devices.
These devices can be hidden from the list using the Hide button.


However, once a device is hidden, it will be treated as a Hidden device, and hidden devices are not allowed to use the Local FDS service. As a result, when the FortiGate attempts to perform an update through Local FDS, the operation fails with a 401 response.

FortiGate debug log example:

diagnose debug application update -1
diagnose debug enable
execute update-now
...
get_fcpr_response[298]-Response=401|Persistent=false
upd_pkg_verify_update_rsp[1124]-Unexpected update rsp code 401


FortiManager debug log example:

diagnose fmupdate view-linkd-log fds
info fds_svrd: __check_unreg_device: device FGVM02TM25000841 is hidden, skip update
warn fds_svrd: check unreg failed for FGVM02TM25000841
info fds_svrd: Response=401|Persistent=false

Recovery steps for hidden devices:

  1. Delete the hidden device entry in FortiManager.
  2. The device can be made visible again by selecting 'Display Hidden Devices'.
  3. After reappearing, the device can be deleted from the device list.
  4. Once deleted, the FortiGate will appear as an Unregistered device instead of a Hidden device when attempting the next update.
  5. After this process, the FortiGate can successfully perform updates via the Local FDS.
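
A triage helper for the FortiManager log signature shown above, added here as an example and not Fortinet's code: it scans saved output of diagnose fmupdate view-linkd-log fds and lists the serials that were skipped as hidden and then answered with 401, which are the candidates for the recovery steps. The function names, the FGVM-EXAMPLE-0002 serial and the Response=200 line are constructed for illustration, and it assumes the lines of each request are logged contiguously, as in the article's sample.

```python
import re

# Line shapes copied from the FortiManager log example in this article.
HIDDEN_RE = re.compile(r"__check_unreg_device: device (\S+) is hidden, skip update")
FAILED_RE = re.compile(r"check unreg failed for (\S+)")
RESP_RE = re.compile(r"Response=(\d+)\|")


def hidden_fds_rejections(log_text):
    """Map serial -> {"hidden_skips": count, "responses": [codes]}."""
    report = {}
    pending = None  # serial whose Response= line is expected next
    for line in log_text.splitlines():
        if m := HIDDEN_RE.search(line):
            entry = report.setdefault(m.group(1), {"hidden_skips": 0, "responses": []})
            entry["hidden_skips"] += 1
            pending = None
        elif m := FAILED_RE.search(line):
            # Attribute the next response only to a serial already seen as hidden.
            pending = m.group(1) if m.group(1) in report else None
        elif (m := RESP_RE.search(line)) and pending:
            report[pending]["responses"].append(int(m.group(1)))
            pending = None
    return report


def needs_recovery(report):
    """Serials that were hidden and answered with 401."""
    return sorted(s for s, e in report.items() if 401 in e["responses"])


# Constructed sample: the first three lines are the article's example; the
# remaining lines (placeholder serial, Response=200) are invented for illustration.
SAMPLE_LOG = """\
info fds_svrd: __check_unreg_device: device FGVM02TM25000841 is hidden, skip update
warn fds_svrd: check unreg failed for FGVM02TM25000841
info fds_svrd: Response=401|Persistent=false
info fds_svrd: Response=200|Persistent=false
info fds_svrd: __check_unreg_device: device FGVM-EXAMPLE-0002 is hidden, skip update
warn fds_svrd: check unreg failed for FGVM-EXAMPLE-0002
info fds_svrd: Response=401|Persistent=false
info fds_svrd: __check_unreg_device: device FGVM02TM25000841 is hidden, skip update
warn fds_svrd: check unreg failed for FGVM02TM25000841
info fds_svrd: Response=401|Persistent=false
"""

if __name__ == "__main__":
    rep = hidden_fds_rejections(SAMPLE_LOG)
    for serial in needs_recovery(rep):
        print(serial, rep[serial])
```

A serial that keeps appearing after the recovery steps indicates the hidden entry was not actually deleted from the device list.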