|Description||This article describes how to resolve the issue with Web and Email Filter Update Server being unavailable on FortiManager.|
1) Usually after an upgrade or a reboot of the FortiManager, it will try to reestablish a connection with the FortiGuard Update Servers for AntiVirus and IPS, Web and Email Filter as well as FortiClient Update.
However, at times, the dashboard shows that it is unable to detect the Web and Email Filter update server.
2) Ensure that communication to the public network is enabled:
FMG # get fmupdate publicnetwork
status : enable
3) It is possible to check through the CLI command, 'diagnose fmupdate view-serverlist fds' that the symbol (*) indicates the current FDS & FCT server list.
This is the same as the server IP that is shown on the Update Server GUI dashboard as shown in Step (1) for AntiVirus and IPS as well as FortiClient Update respectively.
4) Furthermore, it is possible to check through the CLI command, 'diagnose fmupdate view-serverlist fgd' and it is not possible to see the list of FortiGuard server list for rating services.
5) To resolve this, under FortiGuard -> Settings -> Enable both the Web Filter Service and Email Filter Service -> Apply. This will trigger a reboot on the FortiGuard service.
6) After that, it is now possible to see the list of FortiGuard server lists. The symbol (*) from the output of 'diagnose fmupdate view-serverlist fgd' indicates the current FortiGuard server list. This is the same as the server IP that is on the Update Server GUI dashboard.