Created on
03-18-2012
12:36 AM
Edited on
08-26-2025
10:25 PM
By
Jean-Philippe_P
Description
To confirm FortiGuard servers are reachable, try to ping the following hostnames:
execute ping service.fortiguard.net
execute ping update.fortiguard.net
execute ping guard.fortinet.net
execute ping securewf.fortiguard.net [ for HTTPS service ]
If the hostname is not resolving or ping is not working, refer to this KB article: Troubleshooting Tip: Unable to connect to FortiGuard servers.
Scope
FortiGate.
Solution
This will enable users to access websites even when a rating error occurs, allowing the FortiGate unit to utilize the FortiGuard Web Filtering database stored on the unit to rate the website.
In CLI:
Scenario 2:
When checking the 'diagnose debug rating', two servers were seen:
The FortiGuard settings were changed:
config system fortiguard
set fortiguard-anycast disable
set protocol udp
set port 8888
set sdns-server-ip 208.91.112.220 173.243.140.53 210.7.96.53
end
The error was no longer observed.
From v7.4 and above, the option for changing the 'Allow website when rating error occurs' has changed. The Following option shown in the screenshot below needs to be disabled or enabled to either enable or disable the option for rating error.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.