Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
hrahuman_FTNT
Staff
Staff

Created on ‎02-08-2023 11:49 PM

Article Id 245239

Technical Tip: How to update the FortiGuard service when FortiGate Blade is not connected to FortiController

Description This article describes how to update the FortiGuard service when FortiGate Blade is not connected to FortiController.
Scope FortiGate 5000 series blades.
Solution

In the 5000 SLBC system, only the master 5001D blade can update the FortiGuard services '# execute update-now'.

Master 5001D blade will sync updates to all slave 5001D blades.

Slave 5001D blade cannot run CLI command '# execute update-now'.

 

Execute the following commands to check which 5001D blade was a master blade.

Run the following CLI commands, and upload the outputs to this bug:


On FortiController:


# diag sys ha status
# get load-balance status


On FortiGate Blade:

 

# diag sys confsync status

 

To update the FortiGuard updated when the blade is disconnected from FortiController, Since there is no ELBC HA status, it is not possible to use the  '# execute update-now' in the Blade.

 

The mode has to change to 'none' to run the '# execute update-now'.

 

# config system elbc
    set mode none
end
1856
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.