FortiGate
mattchow_FTNT
Article Id 212546
Description

This article describes why FortiGate is unable to connect FortiGuard servers after upgrading the firmware version.

Scope

FortiGate.
Solution

The following error appears under Dashboard -> Status -> Licenses:

[Screenshot: mattchow_FTNT_4-1652945414312.png]

The same message is also shown under System -> FortiGuard -> FortiGuard Updates as below:

[Screenshot: mattchow_FTNT_2-1652945117637.png]

The update debug shows 'Failed getting wan ip' as below:

do_setup[344]-Failed setup
do_update[632]-UPDATE failed
do_check_wanip[787]-Failed getting wan ip

The issue is due to 'cloud-communication' and 'include-default-servers' being disabled in the previous firmware version. Both must be enabled so that FortiGate can communicate with the FortiGuard servers located in the internet cloud.

config system global
    set cloud-communication enable
end

config system central-management
    set include-default-servers enable
end

 

Scenario 2

When the WAN interface is PPPoE, the update debug shows the logs below along with the failure to get the WAN IP:


upd_pkg_recv[1721]-Error receiving pkg header len=0 hdr=64
__upd_act_update[303]-Failed receiving update rsp

 


Solution for Scenario 2


Try changing the interface MTU to 1300 to fix the issue.

As of v6.2.x or v6.4.x, the following commands differ from those in older versions of FortiGate.

Run the following commands:

 

dia de reset
dia de consol time en
dia de app update -1
dia de en
exe update-now

 

Run the following for five to ten minutes:

 

dia de di
dia de reset
dia autoupdate versions
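
The script below is an added example, not part of the original article or of any Fortinet tooling: it takes saved update-debug output and, optionally, a configuration backup, and maps them to the two scenarios described above. The function names, the sample configuration and the tolerance for a timestamp prefix on debug lines are assumptions made for this example.

```python
import re

# Debug lines look like func_name[123]-message; search() tolerates a timestamp prefix (assumption).
DEBUG_LINE = re.compile(r"(\w+)\[(\d+)\]-(.*)$")
# (config block, option) pairs the article says must be enabled.
WATCHED = {("system global", "cloud-communication"),
           ("system central-management", "include-default-servers")}

def disabled_settings(config_text):
    """Return watched options explicitly set to 'disable' in their top-level block."""
    stack, found = [], []
    for raw in config_text.splitlines():
        words = raw.split()
        if not words: continue
        if words[0] == "config":
            stack.append(" ".join(words[1:]))   # enter a (possibly nested) block
        elif words[0] == "end" and stack:
            stack.pop()                         # leave the innermost block
        elif (words[0] == "set" and len(words) >= 3 and len(stack) == 1
              and (stack[0], words[1]) in WATCHED and words[2] == "disable"):
            found.append(words[1])
    return found

def triage(debug_text, config_text=""):
    """Map update-debug output to the article's scenario and suggested fix."""
    msgs = [m.group(3) for m in map(DEBUG_LINE.search, debug_text.splitlines()) if m]
    wan_ip = any("Failed getting wan ip" in s for s in msgs)
    pkg = any("Error receiving pkg header" in s or "Failed receiving update rsp" in s
              for s in msgs)
    if pkg:  # Scenario 2 signatures take precedence; they appear along with the WAN IP error
        return ("scenario 2", "try changing the interface MTU to 1300")
    if wan_ip:
        off = disabled_settings(config_text)
        hint = "enable " + ", ".join(off) if off else "check the two settings manually"
        return ("scenario 1", hint)
    return ("no match", "no signature from the article found")

# Constructed samples: debug lines copied from the article, config written for this demo.
SAMPLE_DEBUG_1 = """do_setup[344]-Failed setup
do_update[632]-UPDATE failed
do_check_wanip[787]-Failed getting wan ip"""
SAMPLE_DEBUG_2 = """upd_pkg_recv[1721]-Error receiving pkg header len=0 hdr=64
__upd_act_update[303]-Failed receiving update rsp"""
SAMPLE_CONFIG = """config system global
    set cloud-communication disable
end
config system central-management
    set include-default-servers disable
end"""
print(triage(SAMPLE_DEBUG_1, SAMPLE_CONFIG), triage(SAMPLE_DEBUG_2))
```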