Troubleshooting Tip: FortiGate Cloud Failed to load data

This article describes how to troubleshoot the FortiGate Cloud 'Failed to load data' issue.

The following 'failed to load data' error may be seen when trying to activate a FortiGate Cloud account through the firewall GUI Dashboard.

Run a FortiCloud debug:

# diagnose debug application forticldd -1
# diagnose debug enable

To stop debugging, run the following:

# diagnose debug disable

The following debug output shows the TLS protocol version causing the SSL connection to the FortiGuard server to fail:

[1001] ssl_connect: SSL_connect failes: error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version
[494] fds_https_connect: https_connect(173.243.132.25:443) failed: ssl_connect() failed: 0 (error:00000000:lib(0):func(0):reason(0)).
[652] fds_https_stop_server: 173.243.132.25:443

Verify TLS settings:

config system global
    set ssl-min-proto-version TLSv1-1 <-- change to TLSv1-2
end

A connection to FortiGuard is established after modifying the TLS version.

[500] fds_https_connect: https_connect(173.243.140.6:443) is established.
[300] fds_svr_default_on_established: fds-update has connected to ip=173.243.140.6:443
[307] fds_svr_default_on_established: server-fds-update handles cmd-1
[128] fds_pack_objects: number of objects: 1

Reference: TLS configuration.

By default, the minimum version allowed is TLSv1.2. The FortiGate will try to negotiate a connection using the configured version or higher. If the server that FortiGate is connecting to does not support the version, then the connection will not be made. Some FortiCloud and FortiGuard services do not support TLSv1.3.