Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sahmed_FTNT
Staff & Editor
Staff & Editor

Created on ‎07-30-2024 10:21 PM Edited on ‎12-24-2025 06:20 AM By Community Manager

Article Id 329304

Troubleshooting Tip: 'FortiGate Cloud activation failed'

Description This article describes how to fix the error 'FortiGate Cloud activation failed'.
Scope FortiGate.
Solution

If the error 'FortiGate Cloud activation failed' appears: 

 

autojoin.PNG

  • Verify the FortiGate can connect to FortiGuard and has DNS connectivity. See the article 'Unable to connect to FortiGuard servers'.
  • Verify custom source-ip in 'config log fortiguard setting' is correct or no custom source-ip is required.
  • Verify the license is valid using 'diagnose autoupdate versions' or 'diagnose test update info':

    VAN_EDGE-B # diagnose test update info | grep System -A 10
    System contracts:
        HDWR,Sat Aug  2 2025
        ENHN,Sat Aug  2 2025
        COMP,Sat Aug  2 2025
        FMWR,Sat Aug  2 2025
        FGSA,Wed Dec 20 2023
        FURL,Sat Aug  2 2025
        SPAM,Sat Aug  2 2025
        SBCL,Sat Aug  2 2025
        ZHVO,Sat Aug  2 2025
        IOTH,Wed Dec 20 2023

    VAN_EDGE-B # execute date
    current date is: 2024-11-12

 

To activate FortiGate Cloud or join an existing deployment, FortiGate requires HTTPS access to the following domains. The exact domain names required depend on settings in 'config system fortiguard'.

 

To verify if the following domains has access over HTTPS port 443, use a telnet command as follows:

 

For example: 

execute telnet mgrctrl1.fortinet.com 443
Trying 154.52.10.105...
Connected to 154.52.10.105.  

 

mgrctrl1.fortinet.com
msgctrl1.fortinet.com
logctrl1.fortinet.com
uslogctrl1.fortinet.com
eulogctrl1.fortinet.com

globalmgrctrl.fortinet.net
globalmsgctrl.fortinet.net
globallogctrl.fortinet.net
uslogctrl.fortinet.net
eulogctrl.fortinet.net

globalmgrctrl2.fortinet.net
globalmsgctrl2.fortinet.net
globallogctrl2.fortinet.net
uslogctrl2.fortinet.net
eulogctrl2.fortinet.net


Additional FortiGate Cloud-required ports and access control information can be found in the FortiGate Cloud administration guide.


FortiGate Cloud auto-join will always fail if FortiGate Cloud has not been activated for the device. FortiGate Cloud can be activated from the FortiGate GUI: System > FortiGuard -> Select 'Activate' -> Enter credentials for the FortiCloud account owner.

activate.PNG
If activating FortiGate Cloud gives the message 'FortiGate Cloud Internal Error', this indicates the activation attempt failed. See 'Technical Tip: How to troubleshoot FortiGate Cloud Internal Error' for troubleshooting steps in this case.
5367
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.