Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
Nur
Staff
Staff

Created on ‎04-02-2023 10:29 PM Edited on ‎04-02-2023 11:08 PM By Community Manager

Article Id 251033

Technical Tip: File magic mismatched Occurs when request update is made from FortiManager

Description This article describes an error that occurs after FortiGate requests an updated license signature from FortiManager. FortiManager acts as local FDS in close network and behind Web Proxy
Scope

The error:

 

# diag debug application update -
# diag debug enable
# execute update-now

 

FGTVM01 # upd_vm_process[816]-last warning 101 seconds ago
do_setup[344]-Starting SETUP
upd_comm_connect_fds[459]-Trying FMG XX.XX.XX.XX:443
upd_pkg_recv[1725]-Received incorrect pkg header. (File magic mismatched.)
upd_act_setup_with_action[197]-Failed receiving setup rsp
upd_comm_disconnect_fds[500]-Disconnecting FMG XX.XX.XX.XX:443
Solution

The FortiGate update uses port to 443.

Normally this port should not be used unless the FortiManager port has secondary IP configured for FortiGuard updates. 

 

1) Hence, the config needs to use port 8890.

 

# config system central-management

    set fmg-update-port 8890

end


2) Enable 'Enabled Web Filter services' on FortiManager. System setting -> Network -> port1(default port) -> Web services.


3) Ensure configured Web Filter on any policy, 'diag de rating' debug will always show web filter services disabled.
288
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.