FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 245239
Description This article describes how to update the FortiGuard service when FortiGate Blade is not connected to FortiController.
Scope FortiGate 5000 series blades.

In the 5000 SLBC system, only the master 5001D blade can update the FortiGuard services '# execute update-now'.

Master 5001D blade will sync updates to all slave 5001D blades.

Slave 5001D blade cannot run CLI command '# execute update-now'.


Execute the following commands to check which 5001D blade was a master blade.

Run the following CLI commands, and upload the outputs to this bug:

On FortiController:

# diag sys ha status
# get load-balance status

On FortiGate Blade:


# diag sys confsync status


To update the FortiGuard updated when the blade is disconnected from FortiController, Since there is no ELBC HA status, it is not possible to use the  '# execute update-now' in the Blade.


The mode has to change to 'none' to run the '# execute update-now'.


# config system elbc
    set mode none