- For all FortiGate platform's except for 6K-7K: This is an expected behavior because the v7.0 internet-service database is not compatible with v7.2 and needs to be downloaded again.
The last line 'ffdb_map version mismatch, the Internet Service Database will automatically update' gives detailed information on what is going on and will re-download the update for Internet Service Database (ISDB) automatically.
After the upgrade, verify that the ISDB database has been successfully updated at least once by using the command 'diagnose autoupdate versions'. Note that it might take some time for the ISDB to update. The 'Last Updated using scheduled update' should show a date/time after the upgrade date/time (in the example below, the upgrade was done on June 16th 2024).
diagnose autoupdate versions | grep -A 6 Internet
Internet-service Full Database
---------
Version: 7.02321 signed
Contract Expiry Date: XYXYXYXYX
Last Updated using scheduled update on Mon June 17 02:21:26 2024 <----- Confirms there was a successful update after the upgrade.
Last Update Attempt: Sun June 30 04:14:38 2024 <----- Most recent attempt. If there are no new updates, the Result is expected to be 'no updates'.
Result: No Updates
- For 6K platform: For 6K chassis, the Internet Service Database (ISDB) will not update automatically by itself and needs manual download and installation of the database through the GUI of the primary FireWall.
Steps:
- Download the ISDB database from the support portal
On the support portal, Downloads > Service Updates > Internet Service Definition >> ffdb_fos72_00007.03866 1.pkg
- Then Login to Primary 6K via GUI ( update from cli does not fix this issue)
Then go to System -> FortiGuard -> License Information -> Firmware and General updates -> ISDB definitions and then actions and upgrade db and load the file downloaded during Step 1.
- Wait for few minutes for the upgrade to be successful on both the Primary and Secondary Chassis cluster
- Confirm it by running the command:
FGT~-01(global) # diag autoupdate versions | grep -A 4 Internet
Internet-service Full Database
---------
Version: 7.03866 signed <<<<<<<<<<
Contract Expiry Date: n/a
Last Updated using manual update on Mon Sep 23 18:31:43 2024
--
Internet-service Full Database
---------
Version: 7.03866 signed <<<<<<<<<<
Contract Expiry Date: n/a
Last Updated using manual update on Mon Sep 23 18:31:43 2024
--
Internet-service Full Database
---------
Version: 7.03866 signed <<<<<<<<<<
Contract Expiry Date: n/a
Last Updated using manual update on Mon Sep 23 18:31:43 2024
--
Internet-service Full Database
---------
Version: 7.03866 signed <<<<<<<<<
Contract Expiry Date: n/a
Last Updated using manual update on Mon Sep 23 18:31:43 2024
--
Internet-service Full Database
---------
Version: 7.03866 signed <<<<<<<<
Contract Expiry Date: n/a
Last Updated using manual update on Mon Sep 23 18:31:43 2024
--
Internet-service Full Database
---------
Version: 7.03866 signed <<<<<<<<<
Contract Expiry Date: n/a
Last Updated using manual update on Mon Sep 23 18:31:43 2024
--
Internet-service Full Database
---------
Version: 7.03866 signed <<<<<<<<<<<<<<
Contract Expiry Date: n/a
Last Updated using manual update on Mon Sep 23 18:31:37 2024
|
