Description

This article explains how to troubleshoot and create a general FortiGuard reachability script using Tera Term.

Scope

FortiOS.

Solution

This script is intended to collect essential debug information for troubleshooting FortiGuard connectivity issues and determine whether or not the FortiGate device can properly resolve DNS. Reliable DNS resolution to the public WAN and proper internet connectivity are critical for reaching FortiGuard servers.

Licenses are being updated with the 'FortiGuard Updates' System -> FortiGuard -> FortiGuard settings.

A script can be used to capture logs automatically. This will help ensure that all necessary data is collected in advance before opening a case with TAC.

Refer to Troubleshooting Tip: Preparing windows machine to run Teraterm scripts for instructions on how to use Tera Term.

Note:

If the script logs out automatically, try increasing the login timeout duration using the following command:

config system global
    set admin-ssh-grace-time <number_of_seconds> <max 3600 seconds>
end

Along with the FortiGuard TTL script below logs can also be collected manually while uploading the logs in the TAC ticket:

show full system fortiguard
show full system setting
show full system dns

diagnose autoupdate version
diagnose autoupdate status

show full system fortiguard
show full system central-management