This article describes why FortiGate is unable to connect FortiGuard servers after upgrading the firmware version.

The following error appears under Dashboard -> Status -> Licenses:

The same message is also shown under System -> FortiGuard -> FortiGuard Updates as below:

The update debug shows 'Failed getting wan ip' as below:

do_setup[344]-Failed setup

do_update[632]-UPDATE failed

do_check_wanip[787]-Failed getting wan ip

The issue is due to the 'cloud-communication' and 'include-default-servers' being disabled in the previous firmware version, and it must be enabled to let FortiGate communicate with FortiGuard located on the internet cloud.

config system global
    set cloud-communication enable
end

config system central-management
    set include-default-servers enable
end

Scenario 2.

The below logs in Debugs in the case of the PPPoE WAN interface, along with failed to get WAN IP. 

upd_pkg_recv[1721]-Error receiving pkg header len=0 hdr=64
__upd_act_update[303]-Failed receiving update rsp

Solution for Scenario 2.

Try changing the interface MTU to 1300 to fix the issue.

config system interface

    edit <interface_name>

        set mtu-override enable

        set mtu 1300

    next

   end

The following commands differ from the old version of FortiGate as of v6.2.x or v6.4.x.

Run the following commands:

diagnose debug reset

diagnose debug console timestamp enable

diagnose debug application update -1

diagnose debug enable

execute update-now

Run the following for five to ten minutes, and then stop the debug and run the following commands:

diagnose debug disable

diagnose debug reset

diagnose autoupdate versions

Related article:

Troubleshooting Tip: Unable to connect to FortiGuard servers