| Description |
This article describes a clarification on the manual licensing upload process for FortiProxy VM when the appliance is completely isolated from the Internet. |
| Scope | FortiProxy VM. |
| Solution |
Based on the documentation about this topic, which was first introduced on FortiProxy firmware 7.2.10: Licensing in air-gap environments NEW and moving forward, theoretically, it is possible to download the offline license from the support page with the name 'FPX***Off-NetworkLicenseFile.lic'.
However, on the GUI of the FortiProxy-VM running 7.2.10 or even 7.4.4, when trying to upload the license, it will show the following error on GUI 'Failed to update VM license'.
All new VM FortiProxy deployment has the serial number 'FPXVMEV000000000', which will fail the serial number validation check as a requirement. The serial number will only be updated after loading the valid license with FortiGuard validation, which means that an Internet connection is required to complete the process. Since this is a VM deployment, the workaround is to add a WAN vNIC to the FortiProxy to only do the license validation and then remove that vNIC or remove the Internet-facing IP address to bring it back to not expose the unit to the Internet. |
