Created on
02-24-2021
03:12 AM
Edited on
05-16-2025
07:04 AM
By
Jean-Philippe_P
Description
This article explains how to configure FortiGate to use FortiManager as local FDS server. FortiManager can be operated as a local FDS server when it is in a closed network with no Internet connectivity.
Scope
FortiGate.
The terminology used in this document:
FDS = Antivirus/IPS service.
Solution
This is only a CLI configuration:
config global <---- If VDOM is enabled, run this command.
config system central-management
set include-default-servers disable <----- Disable it.
end
This warning message will appear:
'Warning: The server-list does not contain a server for URL ratings. Add a server entry or enable 'include-default-servers'.
Note: The set include-default-servers should be enabled if FortiManager is not used as a local FDS server.
config system central-management
config server-list
edit 1
set server-type update
set addr-type ipv4
set server-address x.x.x.x <----- The FortiManager IP.
next
set fmg-update-port 443 <----- The update port.
end
To add override servers from FortiGate GUI: Go to System -> FortiGuard. Scroll down to the Override FortiGuard Servers section.
As provided in the screenshot below:
Choose the type of server: AntiVirus & IPS Updates, Filtering, or Both, and select Apply.
CLI output:
Related documents:
Operating as an FDS in a closed network
Override FortiGuard servers - FortiGate 6.2.16 cookbook
Technical Tip: Configure FortiManager as a local FDN server for FortiGates
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.