FortiGate-VM firmware version 7.2.0 and below, licenses have a 15-day license timeout period, and if the license can not be validated within that time, the VM will stop working as a firewall. The license status will change before the timeout occurs, and the license status is shown as invalid. 

Error: VM license shows as invalid.

In any case, if a FortiGate-VM is in an airgap environment (without internet access), it can not validate against a FortiManager or FortiGuard server. Its license status will become invalid in 15 days.

To resolve the invalid issue, the FortiGate-VM has to connect with the FortiGuard server or FortiManager (if used for FortiGuard updates) for license validation.

Once connected with FortiManager or FortiGuard for license validation, it can initiate updates manually as below:

diagnose debug reset

diagnose debug application update -1

execute update-now

diagnose debug enable

To stop the debug:

diagnose debug disable

diagnose debug reset

Validate the license from CLI using 'get system fortiguard-service status'.

Note:

As of v7.2.1 and later, the FortiGate-VM Trial license model has been changed from a 15-day term to a permanent trial license.

Manual licensing for air-gap environments is supported from v7.4.