FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ssavin
Staff
Staff
Article Id 254431
Description

 

This article describes how to fix the issue when the external connector threat feed status is in the 'Unavailable' connection status.

 

Scope

 

FortiGate, FortiOS.

 

Solution

 

For more info about Threat feeds, visit the below link:

https://docs.fortinet.com/document/fortigate/6.2.14/cookbook/9463/threat-feeds

 

In some cases, the external connector has the connection status immediately after creation.

 

unavailable status.png

 

Other symptoms of this behavior are:

- No packets while running a sniffer.

- Running the debug 'diag debug application forticron 448' returns only '# fcron_ext_handle_cmd_update()-427: command update 'test2''.

 

This behavior is caused by the external database update being disabled.

 

# config system fortiguard

    set update-extdb disable

 

Re-enabling this option will enable communication between the firewall and the server that hosts the thread feed IP list.

 

Related documents:

https://docs.fortinet.com/document/fortigate/6.2.14/cookbook/9463/threat-feeds

https://community.fortinet.com/t5/FortiGate/Technical-Tip-External-threat-list-threat-feed-is-not-wo...

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-External-Connector-Threat-Feeds-supp...