FortiGate
vjoshi_FTNT
Staff
Article Id 190821
Description

This article describes why FortiGate records Event Logs stating that the FortiGuard license has expired.

It explains what happens if the FortiGuard contract expires, and what happens if the FortiGate license expires.

Scope

FortiGate v7.0 and above.

Solution

The log messages may appear due to one or more of the following reasons:

  1. The Trial or Evaluation period has expired: When the status of FortiGuard-Web or FortiGuard-AntiSpam is checked on the GUI, or one (or more) of these is activated for the first time, a 30-day trial period for the respective feature begins. After the trial period, log messages such as the following begin to appear, notifying the user that the trial is over.

 

2016-03-07 09:17:07 device_id=FGTxxxxxxxxxxxxx log_id=0100020101 type=event subtype=system pri=critical msg="Fortiguard license is expired"

 

  2. Contract is over: If a FortiGuard contract was purchased and has not been renewed, log messages like the one below indicate that the FortiGuard license has expired:

 

2016-03-01 21:35:58 device_id=FGTxxxxxxxxxxxxx log_id=0100020101 type=event subtype=system pri=critical msg="Fortiguard license is expired"
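The following Python code is an added example, not part of the original article or of any Fortinet tooling. It parses event log lines in the format shown above and reports, per device, how many license-expired events were logged and when they were first and last seen. It assumes the key=value layout of the two sample lines; the function names, the FGT-EXAMPLE-0002 device and the 0000000000 log_id are constructed for illustration.

```python
import re
from datetime import datetime

# log_id and msg values as they appear in the article's sample log lines.
EXPIRED_LOG_ID = "0100020101"
EXPIRED_MSG = "fortiguard license is expired"
_TS = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+")
_KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')  # key="quoted value" or key=token
# Constructed input: the article's two lines, an unrelated event (placeholder log_id), a malformed line.
SAMPLE_LINES = [
    '2016-03-07 09:17:07 device_id=FGTxxxxxxxxxxxxx log_id=0100020101 type=event subtype=system pri=critical msg="Fortiguard license is expired"',
    '2016-03-01 21:35:58 device_id=FGTxxxxxxxxxxxxx log_id=0100020101 type=event subtype=system pri=critical msg="Fortiguard license is expired"',
    '2016-03-07 09:18:00 device_id=FGT-EXAMPLE-0002 log_id=0000000000 type=event subtype=system pri=information msg="constructed unrelated event"',
    'truncated line without a timestamp',
]


def parse_line(line):
    """Return the line's fields as a dict, or None if it has no valid leading timestamp."""
    line = line.strip()
    m = _TS.match(line)
    if not m:
        return None
    try:
        fields = {"timestamp": datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")}
    except ValueError:  # digits in the right shape but not a real date
        return None
    for key, quoted, bare in _KV.findall(line[m.end():]):
        fields[key] = quoted or bare
    return fields


def license_expiry_summary(lines):
    """Map device_id -> count, first_seen, last_seen of license-expired events."""
    summary = {}
    for rec in filter(None, map(parse_line, lines)):
        if (rec.get("log_id") != EXPIRED_LOG_ID
                or EXPIRED_MSG not in rec.get("msg", "").lower()):
            continue
        ts = rec["timestamp"]
        dev = summary.setdefault(rec.get("device_id", "unknown"),
                                 {"count": 0, "first_seen": ts, "last_seen": ts})
        dev["count"] += 1
        dev["first_seen"] = min(dev["first_seen"], ts)
        dev["last_seen"] = max(dev["last_seen"], ts)
    return summary


if __name__ == "__main__":
    print(license_expiry_summary(SAMPLE_LINES))
```

The first_seen timestamp is the useful value when correlating the start of these events with a trial end date or a contract end date.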

 

What happens if the FortiGuard contract expires:

 

If the license is not renewed, the following features are affected:

  • The FortiGuard web filter will lose its connection, so FortiGuard category-based web filtering will stop working (policies where the web filter is applied will block traffic).
    However, if Static URL filtering is applied, it will still work as per the configured entries.
    This is not practical in general: it suits only specific setups that must allow access to specific URLs and block everything else.
  • AV and IPS scanning will continue to work, but the signature databases will not be updated on the FortiGate.
    This is very important, as the firewall will no longer offer protection against new threats.
  • Any feature that requires connectivity with the FortiGuard network will no longer benefit from that connectivity.
  • FortiGate-VM licenses will lose GUI access for management (the GUI is limited to uploading a new license file). CLI access is still allowed.

 

Additional Note:

  • The GUI will show status as 'License expired'.
  • Use the following commands for debug:

 

diagnose debug app update -1

diagnose debug enable

 

To stop it:

 

diagnose debug disable

 

  • After renewal, a reboot may be necessary in some cases to restore full functionality.

 

For a detailed description of the expiration impact for each license type, see License expiration.

 

Note:

In certain (older) FortiOS builds, these messages may be displayed even if the contract is valid. Those versions are no longer supported. Update to a supported FortiOS version first. See Product Life Cycle.