FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Matt_B
Staff
Staff
Article Id 364409
Description This article describes how to request a permanent trial license if FortiGate has an existing license uploaded.
Scope FortiGate v7.2.1 and later.
Solution

On v7.2.1 and above, one permanent trial license is available per the FortiCare account. See the document New Features: Permanent trial mode for FortiGate-VM (7.2.1).

 

The permanent trial license is intended for a new virtual machine. If an invalid or expired license is uploaded to a VM, by design it is not possible to request the permanent trial license.

 

In v7.2.1+ as well as in v7.4.0 and v7.4.1, there is a known GUI issue that allows the device administrator to access the Evaluation license request form and input a credential even while a license is already uploaded to the device.

In this scenario, FortiGate correctly does not send any request and the GUI shows ‘Error downloading license: Error Communicating with FortiCare', which indicates there was an issue sending the request.


v7.2 GUI license prompt if the invalid license is uploaded:

 

b Error communicating with FortiCare.PNG

 

In v7.4.2 and above, this GUI issue is patched and the Evaluation license request form cannot be accessed while the device has a license uploaded.

 

v7.4.5 GUI license prompt if no license is uploaded:

 

b745 no license.PNG

 

v7.4.5 GUI license prompt if the invalid license is uploaded:

 

Note the 'Evaluation license' option does not appear.

 

b745 existing license.PNG

 

To remove the existing license from the device, factory reset the virtual machine using the CLI command 'execute factoryreset2'. This removes existing configuration including administrator credentials.

 

EVAL-VM-A # execute factoryreset2
This operation will reset the system to factory default except system.global.vdom-mode/system.global.long-vdom-name/VDOMs/system.virtual-switch/system.interface/system.settings/router.static/router.static6!
Do you want to continue? (y/n)y


System is resetting to factory default (factoryreset2) ...


The system is going down NOW !!

EVAL-VM-A #
Please stand by while rebooting the system.
Restarting system

System is starting...
Serial number is FGVMXXXXXXXXXWFD


FortiGate-VM64-KVM login:

 

If no CLI access is available, deploy a new virtual machine.

 

After the previous license is removed, it is possible to request a permanent trial license from GUI or CLI. The device reboots after a successful license request.

 

License download successful.png

 

After rebooting, the Administrative Access GUI is accessible and an administrator can continue to configure the device subject to the limitations of the evaluation license.

 

vm license page.PNG

 

Note: Permanent trial licenses have limitations as described in the New Features Guide. They are intended for evaluation and testing only. Only one permanent trial license is permitted per the FortiCare account.