FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
jasonhong
Staff & Editor
Staff & Editor
Article Id 409139
Description

This article describes how to troubleshoot issues related to FortiManager/FortiAnalyzer and FortiGuard connectivity.

Scope

FortiManager, FortiAnalyzer.

Solution

The user can face the following error messages in the FortiManager/FortiAnalyzer Alert Console Message widget or Event Logs:

 

service:FGD, connect server 'addr:X.X.X.X, port:443, tz:-5, distance:0, src:DEFAULT' failed, reason='Connect error.

 

service:FCT, connect server 'addr:usforticlient.fortinet.net, port:443, tz:-5, distance:0, src:DEFAULT' failed, reason='Connect error.

 

2025-01-12 15:16:18 tz="+0000" log_id=0017026026 type=event subtype=fgd pri=information desc="Connect FortiGuard server failed" msg="service:geoip, connect server 'addr:X.X.X.X, port:443, tz:-5, distance:6, src:FDNI' failed, reason='Connect error" operation="FGD UPPULL" performed_on="Y.Y.Y.Y" changes="" user="fgdlinkd"

 

2025-01-12 14:58:28 tz="+0000" log_id=0017026026 type=event subtype=fgd pri=information desc="Connect FortiGuard server failed" msg="service:FCT, connect server 'addr:usforticlient.fortinet.net, port:443, tz:1, distance:0, src:DEFAULT' failed, reason='Connect error" operation="FDS UPPULL"

 

Such error logs are present when FortiManager/FortiAnalyzer is unable to reach the public FortiGuard server via the open Internet or proxy.

 

In the event there are no inherent connectivity issues between FortiManager/FortiAnalyzer and FortiGuard servers, the user may consider enabling FortiManager/FortiAnalyzer to contact global FortiGuard servers, instead of being restricted to FortiGuard servers only in the USA (default).

 

config system global

    set usg disable <----- Enabled by default.
end

Contributors