hbac
Staff
Article Id 232280
Description

This article explains how to diagnose and fix an issue where the user receives a FortiToken license error with code -7500 while importing a FortiToken through the CLI.

Scope

FortiGate, FortiToken mobile.
Solution

When this issue occurs, the following symptoms are observed:

- The error 'import fortitoken license error: -7500' appears.

- No tokens (trial or licensed) appear in response to the command 'show user FortiToken'.

- When trying to import a FortiToken mobile in the GUI, an internal server error occurs.

- The FortiGate can ping the FortiGuard servers.

 

Below is an example of the debug output returned during the import attempt:

# diag debug app forticldd -1
Debug messages will be on for 27 minutes.

# diag debug app alert -1
Debug messages will be on for 27 minutes.

# diag fortitoken debug enable
Debug messages will be on for 26 minutes.

# diag debug enable

# exec fortitoken-mobile import FTKMOB0A08Bxxxx
2022-10-03 20:48:43 ftm_cfg_import_license[321]:import license FTKMOB0A08Bxxxx
2022-10-03 20:48:43 ftm_fc_comm_connect[38]:ftm cannot resolve DNS
2022-10-03 20:48:43 ftm_fc_command[588]:forticare [ftm2.fortinet.net:443] unreachable
import fortitoken license error: -7500

 

- To fix the issue, disable 'fortiguard-anycast' under 'config system fortiguard' and import the FortiToken again in the GUI:

# config system fortiguard
     set fortiguard-anycast disable
end

- Alternatively, if fortiguard-anycast-source is set to aws, change it to fortinet as follows:

# config system fortiguard
     set fortiguard-anycast enable
     set fortiguard-anycast-source fortinet
end
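
The following Python example is added here and is not part of the original article or any Fortinet tooling. It parses a captured debug transcript in the format shown above and reports whether it matches the article's pattern: error -7500 together with a DNS resolution failure and an unreachable FortiCare host. The function name triage and the result keys are illustrative assumptions.

```python
import re

# Debug transcript copied from the article's example (serial masked as in the article).
SAMPLE = """\
# exec fortitoken-mobile import FTKMOB0A08Bxxxx
2022-10-03 20:48:43 ftm_cfg_import_license[321]:import license FTKMOB0A08Bxxxx
2022-10-03 20:48:43 ftm_fc_comm_connect[38]:ftm cannot resolve DNS
2022-10-03 20:48:43 ftm_fc_command[588]:forticare [ftm2.fortinet.net:443] unreachable
import fortitoken license error: -7500
"""

# Shape of the ftm debug lines above: "<date> <time> <function>[<line>]:<message>"
DEBUG_LINE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} (?P<func>\w+)\[\d+\]:(?P<msg>.*)$")
ERROR_LINE = re.compile(r"^import fortitoken license error: (?P<code>-?\d+)$")
UNREACHABLE = re.compile(r"forticare \[(?P<host>[^\]:]+):(?P<port>\d+)\] unreachable")


def triage(transcript):
    """Summarise one import attempt from a captured debug transcript (hypothetical helper)."""
    result = {"serial": None, "error_code": None, "dns_failure": False,
              "unreachable": None, "matches_article": False}
    for raw in transcript.splitlines():
        line = raw.strip()
        err = ERROR_LINE.match(line)
        if err:
            result["error_code"] = int(err["code"])
            continue
        dbg = DEBUG_LINE.match(line)
        if not dbg:
            continue  # CLI prompts, banners, blank lines
        msg = dbg["msg"]
        if msg.startswith("import license "):
            result["serial"] = msg.split()[-1]
        elif "cannot resolve DNS" in msg:
            result["dns_failure"] = True
        elif (m := UNREACHABLE.search(msg)):
            result["unreachable"] = (m["host"], int(m["port"]))
    # Article's case: -7500 plus a DNS failure and an unreachable FortiCare host.
    result["matches_article"] = (result["error_code"] == -7500
                                 and result["dns_failure"] and result["unreachable"] is not None)
    return result


if __name__ == "__main__":
    print(triage(SAMPLE))
```

When matches_article is true, the fortiguard-anycast settings described above are the place to look; a -7500 without the DNS line is outside what this article covers.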