Description | This article describes how to solve the issue of FortiGate Cloud internal error on the latest versions. |
Scope | FortiGate v7.0.12 or above. |
Solution |
If the following error appears in GUI:
Or the same message is observed in CLI:
execute ping logctrl1.fortinet.com execute ping globallogctrl.fortinet.net execute ping service.fortiguard.net
If they are not reachable, then check DNS reachability on FortiGate and troubleshoot it accordingly: Technical Tip: DNS stops working when using custom DNS.
config system fortiguard set auto-join-forticloud enable end
config system fortiguard
config system central-management set type fortiguard end
diagnose fdsm contract-controller-update
execute fortiguard-log login <email> <password> <location>
There are three options for domains like GLOBAL/EUROPE/US.
fnsysctl killall forticldd
execute telnet 208.91.113.195 514
diag test application forticldd 3
diagnose debug application forticldd -1 diagnose debug enable
The following errors may be seen:
[1060] ssl_connect: SSL_connect failes: error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version
config system global
[105] fds_print_msg: Status:down
diagnose sniffer packet any 'net 208.91.113.0/24 or net 173.243.132.0/24' 6 0 l
Note: the source IP and interface used to initiate the connection to the FortiCloud server is specified under the 'config log fortiguard setting'. It is 'auto' by default, which is similar to the FortiGuard setting.
config log fortiguard setting set source-ip <- IP address of the WAN interface which can reach service.fortiguard.net. set interface-select-method specify <----- Specify the interface selection method to be the same as FortiGuard. set interface <interface> <----- Specify the interface. end
If the issue persists, open a support ticket with Fortinet and attach the Configuration file along with the debug outputs captured above and the output of these commands:
diag fdsm account-info
diagnose test application forticldd 1 diagnose test application forticldd 2 diagnose test application forticldd 3
Related documents: Technical Tip: FortiGate Cloud Report shows error 'Internal Server Error' Troubleshooting Tip: FortiCloud internal error when activating a FortiCloud account on FortiGate FortiGate Cloud Port and access control information |