FortiSandbox provides a solution to protect against advanced threats and ransomware for companies who don’t want to implement and maintain a sandbox environment on their own.
Article Id 246529
Description This article describes how to activate windows/macOS/Linux licenses for FortiSandbox usage purposes.
Scope FortiSandbox 3.2.x and later.

1) In the Fortisandbox GUI, configure a proper DNS server under system -> DNS.

This server must be able to go the internet and therefore a default route will be required.


2) In the CLI, enable the following debug that will show the activation process of VMs in real-time:


# diagnose-debug vminit


3) In the GUI, go to Scan Policy and Object. if the required images are already downloaded, go to 5) directly.


4) To install VM images from scratch, there are two possible ways, over GUI or CLI.

Internet connectivity and access to FortiGuard servers are required:

- Go to Scan Policy and Object, below 'Status'  the size of each VM's image will be visible, and if you select it, an automatic download will start.

- Open an SSH session and perform the following steps:


Download the Base Package with all Images.

Execute the Following Command:


# fw-upgrade -v -tftp -f/images/v3.00/general_base.pkg


In case executing the following command, there is an output saying the destination file is too Small:

# test-nework


In case something fails with the network, follow the referred links in order to troubleshoot a network issue with Fortinet's server:


Both Port 1 & Port 3 need to have Internet access.


Download Windows 10 w Office 2016.

It is possible to download the Windows 10 x64 with Office 2016 directly from the device by raising an SSH Connection and executing the Following Command:

fw-upgrade -v -tftp -f/images/v3.00/WIN10X64VMO16_3.pkg


It is possible to download the Windows 10 x64 with Office 2016 and then from an FTP Server Upload it to the unit manually by executing the below command:
- Download package to the PC:

2) fw-upgrade -v -s<IP> -tftp -u<User> -p<Password> -f<Path of Package>



fw-upgrade -v -s10.10.10.10 -tftp -utest -ptest -f/WIN10X64VMO16_3.pkg


Note that the manual process to download the package and upload the file to the Unit by using an FTP server is not supported by TAC team.


5) Once the licenses were validated under the Forticare account, go to Scan Policy and Object, select the desired VM to be activated and select the option 'Edit clone number', change the value from 0 to 1, press enter, and apply the changes.

On the debug, a messages which indicates the VM activation will appear:


timestamp of VM clone number has been changed.

timestamp of VM profile has been changed.

VM clone number has been changed. WIN7X86VMO16E 0 -> 1

VM clone number has been changed.

VMMGRD: Clean job done.

VMinit has been launched.

Start initializing VM images


To have a better view of the logs generated, on the  GUI go to Log&report -> events -> VM events.