Adam_Shortt_FTNT
Article Id 283072
Description This article describes an issue where some systems using anycast for FortiGuard connectivity may fail to reconnect to FortiGuard properly after a significant time change, such as a daylight saving time transition.
Scope FortiGate systems using anycast for FortiGuard DNS or web filter services.
Solution

Changing the time zone to another zone and back may fix the issue without impacting other services. 

 

If FortiGuard is configured to use Anycast servers (the default), the following command is expected to show an IPv6 server with the D I F flags. The F flag means Failure:

 

diag debug rating
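
A scripted version of this check, added here as an example and not Fortinet's code: it scans saved output of the command above for server rows that carry the F flag. The column order (IP, Weight, RTT, Flags, TZ) and the sample rows are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample in the ASSUMED column order: IP, Weight, RTT, Flags, TZ,
# then counters. Addresses come from documentation ranges, not real servers.
SAMPLE = """\
IP                     Weight  RTT  Flags  TZ  FortiGuard-requests  Curr Lost  Total Lost
2001:db8:53::10             0   12  D I F   0                  412         37          37
2001:db8:53::11             0   14  D       0                   98          0           0
192.0.2.20                 10   45  DI     -5                 1033          0           2
"""


def _is_int(tok):
    try:
        int(tok)
        return True
    except ValueError:
        return False


def parse_servers(text):
    """Yield (address, set of flag letters) per server row; skip everything else."""
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4:
            continue
        try:
            addr = ipaddress.ip_address(tok[0])
        except ValueError:
            continue  # header or status line, not a server row
        if not (_is_int(tok[1]) and _is_int(tok[2])):
            continue  # Weight and RTT must be numeric
        flags = set()
        for t in tok[3:]:
            if not t.isalpha():  # first non-letter token is the TZ column
                break
            flags.update(t.upper())  # accepts "D I F" as well as "DIF"
        yield addr, flags


def failed_servers(text):
    """Return the addresses whose flags include F (Failure)."""
    return [str(addr) for addr, flags in parse_servers(text) if "F" in flags]


if __name__ == "__main__":
    for ip in failed_servers(SAMPLE):
        print("FortiGuard server flagged F:", ip)
```
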

 

The issue was not observed when Anycast servers were not used:

 

config system fortiguard
    set fortiguard-anycast disable
    set protocol udp
    set port 8888
    set sdns-server-ip 208.91.112.220
end

Other servers may also work for sdns-server-ip.

 

Refer to this article for all of the protocol and port options when disabling anycast: Technical Tip: FortiGuard is not reachable via Any... - Fortinet Community.

 

Disabling anycast and then re-enabling it via the CLI has also fixed this issue.

 

Alternatively, the urlfilter and DNS proxy services can be restarted to force a reconnection. In most circumstances this is non-impacting, but a maintenance window is recommended:

 

diagnose test app urlfilter 99

diagnose test application dnsproxy 99