Technical Tip: Unable to connect to FortiGuard servers after Upgrading

This article describes why FortiGate is unable to connect FortiGuard servers after upgrading the firmware version.

The following error appears under Dashboard -> Status -> Licenses:

The same message is also shown under System -> FortiGuard -> FortiGuard Updates as below:

The update debug shows 'Failed getting wan ip' as below:

do_setup[344]-Failed setup

do_update[632]-UPDATE failed

do_check_wanip[787]-Failed getting wan ip

The issue is due to the 'cloud-communication' and 'include-default-servers' being disabled in the previous firmware version, and it must be enabled to let FortiGate communicate with FortiGuard located in the internet cloud.

config system global
    set cloud-communication enable
end

config system central-management
    set include-default-servers enable
end

Scenario 2.

The below logs in Debugs in the case of the PPPoE WAN interface along with failed to get WAN IP. 

upd_pkg_recv[1721]-Error receiving pkg header len=0 hdr=64
__upd_act_update[303]-Failed receiving update rsp

Solution for Scenario 2.

Try changing the interface MTU to 1300 to fix the issue.

The following commands differ from the old version of FortiGate as of v6.2.x or v6.4.x.

Run the following commands:

dia de reset

dia de consol time en

dia de app update -1

dia de en

exe update-now

Run the following for five to ten minutes:

dia de di

dia de reset

dia autoupdate versions

Related article:

Unable to connect to FortiGuard servers