| Description | This article describes the scenario when the Fortivoice license is not registering with FortiGuard: 'Failed SSL Connect'. |
| Scope | Fortivoice 6.0.x. |
| Solution |
In some scenarios, Fortivoice does not update the license against FortiGuard.
- Debug updated 7 shows 'Failed SSL connect'.
fortivoice2 # execute update now #diagnose debug application updated 7 10.04-11:15:16 upd_daemon.c:upd_daemon[1378]-Received update now request 10.04-11:15:16 upd_daemon.c:do_setup[307]-Starting SETUP 10.04-11:15:16 upd_act.c:upd_act_setup_with_action[204]-Trying FDS 173.243.138.66:443
fortivoice2 # 10.04-11:15:16 upd_comm.c:ssl_connect_fds[389]-Failed SSL connecting (5,0,Success) 10.04-11:15:16 upd_comm.c:upd_comm_connect_fds[467]-Failed SSL connect 10.04-11:15:16 upd_act.c:upd_act_setup_with_action[208]-Failed connecting to 173.243.138.66:443 10.04-11:15:16 upd_daemon.c:do_setup[351]-Failed setup 10.04-11:15:16 upd_daemon.c:upd_daemon[1634]-Disabling remaining actions 13 10.04-11:15:16 upd_daemon.c:upd_daemon[1648]-status=update msg="Fortigate update failed for no fds allowed."
- To troubleshoot it, take a packet capture in the Fortivoice.
The Fortivoice is trying SSLv3 but is not supported by FortiGuard.
To fix the issue, adjust the SSL versions in the global settings of Fortivoice using CLI.
# config system global set ssl-versions tls1_0 tls1_1 tls1_2 end |
