FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mjaiswal
Staff
Staff
Description This article describes how to resolve the below error while checking the connectivity with the analyzer:

'failed to get faz's status. invalid error number (0).(0)'

 

This error is seen when there is certificate is missing on FortiGate.

Scope

Fortigate and FortiAnalyzer

Solution

Verify basic connectivity is fine by Ping, traceroute and telnet.

 

However, while checking the connectivity with the analyzer by the below command, it gives the error:

 

# exec log fortianalyzer test-connectivity
failed to get faz's status. invalid error number (0).(0)


This error is seen when there is certificate is missing on FortiGate.

 

It is necessary to check the certificate on the FortiGate.

Make sure the certificate with the CN='fortinet-ca2 is present.

 

If not present, Try downloading the cert from the FortiAnalyzer and import it on FortiGate.

 

Ensure it is added in external CA.

Once it is added, reset the daemon on FortiAnalyzer and FortiGate by using the below command:

 

# diag test app oftpd 99" <----- FortiAnalyzer.
'fnsysctl killall miglogd' <----- FortiGate.


Use the following command again to verify connectivity.

 

Successful sending of logs:


# exec log fortianalyzer test-connectivity

FortiAnalyzer Host Name: FAZVM64
FortiGate Device ID: FGT1234567890
Registration: registered
Connection: allow
Disk Space (Used/Allocated): 0/Unlimited MB
Total Free Space: 831949 MB
Log: Tx & Rx (28 logs received since 02:00:18 02/20/18)
IPS Packet Log: Tx & Rx
Content Archive: Tx & Rx
Quarantine: Tx & Rx

 

Contributors