FortiGate and FortiGuard connectivity can be checked with the command 'diagnose debug rating' or 'get webfilter status'.

For each IP address, the output of the commands shows the following:

• RTT (round-trip delay).
• Flags.
• TZ (Server time zone).
• Curr Lost (The number of recent and consecutive queries without reply).
• Total lost (The historical total number of queries without reply, these values reset when the device restarts).

The output of this command shows flags beside some servers, and below is the explanation for each flag value.

• I=Initial: The server was initially contacted to validate the license and get the server list. Usually, there is only one server with this flag.
• D=Default: The IP address FortiGate got when resolving the name 'service.fortiguard.net'.
• S=Serving: IP address of servers received from FortiManager.
• T=Timing: The server is not replying to FortiGate queries. The server remains in this state for 15 seconds (default) before being considered as failed.
• F=Failed: The server is down.

Related articles:

Troubleshooting Tip: Unable to connect to FortiGuard servers

Technical Tip: FortiGuard Overview and Troubleshooting