Created on 02-10-2009 02:12 PM Edited on 05-26-2022 07:22 AM
Article
FortiGuard Antivirus and FortiGuard Antispam subscription services use multiple types of connections with the FortiGuard Distribution Network (FDN). For details on verifying FDN connection, see the FortiMail Administration Guide.
For all FortiGuard connection types, you must satisfy the following requirements:
You can verify that you have satisfied DNS and routing requirements by using the CLI commands:
# execute nslookup host antispam.fortigate.com Name: antispam.fortigate.com Address: 208.91.112.194 [DNS resolution achieved] Name: antispam.fortigate.com Address: 216.156.209.26 Name: antispam.fortigate.com Address: 82.71.226.65 # execute ping antispam.fortigate.com PING antispam.fortigate.com (208.91.112.194): 56 data bytes 64 bytes from 208.91.112.194: icmp_seq=0 ttl=50 time=172.8 ms [Routing and connectivity with antispam servers achieved for previously returned addresses] |
If you have satisfied these requirements, verify that you have also satisfied the following requirements specific to the type of connection that is failing.
Scheduled updates (FortiGuard Licensing and Updates for Antivirus)
Push updates (FortiGuard Updates for Antivirus)
Rating queries (FortiGuard Antispam Licensing information and queries)
If you suspect that one of the devices on your network is interfering with connectivity, you can analyze traffic and verify that the FortiMail unit is sending and receiving traffic on the required port numbers by using the CLI command diagnose sniffer to perform packet capture. If traffic is being corrupted or interrupted, you may need to perform packet capture at additional points on your network to locate the source of the interruption.
Sample sniffer trace below when troubleshooting Antispam License information based on Fortimail 4.x
# diagnose sniffer packet any 'port 8889 or port 8888 or port 53' 4 0 a interfaces=[any] filters=[port 8889 or port 8888 or port 53] 2010-10-27 12:40:19.050364 port1 out 82.x.x.x.59730 -> 82.71.226.65.8889: udp 64 2010-10-27 12:40:21.010452 port1 out 82.x.x.x.59730 -> 208.91.112.194.8889: udp 64 2010-10-27 12:40:23.010565 port1 out 82.x.x.x.59730 -> 216.156.209.26.8889: udp 64 [All FDS requests using port UDP/8889 seems to be filtered as no packet is returned] # diagnose sniffer packet any 'port 8889 or port 8888 or port 53' 4 0 a interfaces=[any] filters=[port 8889 or port 8888 or port 53] 2009-10-27 13:13:51.862011 port1 out 82.x.x.x.50210 -> 208.91.112.194.53: udp 33 2009-10-27 13:13:51.867646 port1 in 208.91.112.194.53 -> 82.x.x.x.50210: udp 33 [After reconfiguration using port UDP/53 packets are replied correctly] |
For details on using FortiMail packet capture for troubleshooting, see the FortiMail Install Guide.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.