Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Forti_New
New Contributor

command fail. return code 49

hi guys,
we've got an error on updating ffdb database on our FortiGate.
our device (FG400E - forios 7.0) is in an isolated part of our network and we have to
update it manually. when I run the command for (ffdb update database) it says:
"command fail. return code 49".
would you please tell me what exactly this error means?
thanks.

screenshot.png

 

15 REPLIES 15
AaronD_


@Forti_New wrote:

I checked and Internet-service database didn't updated. is there any one who has updated this database via ftp instead of tftp? maybe it's a limitation of file transferring size on tftp?

best reguards. 


I did it via TFTP. Don't think filesize limit is a concern in this case. From TFTP wikipedia


The original protocol has a transfer file size limit of 512 bytes/block x 65535 blocks = 32 MB. In 1998 this limit was extended to 65535 bytes/block x 65535 blocks = 4 GB by TFTP Blocksize Option RFC 2348. If the defined blocksize produces an IP packet size that exceeds the minimum MTU at any point of the network path, IP fragmentation and reassembly will occur not only adding more overhead[8] but also leading to total transfer failure when the minimalist IP stack implementation in a host's BOOTP or PXE ROM does not (or fails to properly) implement IP fragmentation and reassembly.[9] If TFTP packets should be kept within the standard Ethernet MTU (1500), the blocksize value is calculated as 1500 minus headers of TFTP (4 bytes), UDP (8 bytes) and IP (20 bytes) = 1468 bytes/block, this gives a limit of 1468 bytes/block x 65535 blocks = 92 MB. Today most servers and clients support block number roll-over (block counter going back to 0 or 1[10] after 65535) which gives an essentially unlimited transfer file size.



lol
Staff
Staff

Hello,


To reply to the initial question

> "command fail. return code 49".
> would you please tell me what exactly this error means?

 

The CLI error 49 actually means that the password must conform to the system password policy.
I'm not sure how accurate this error code is in this context here.
It could also be used as a catch all error code if something else during file transfer failed.

 

> just this ffdb file has this problem

Is the Internet-service Database still updating via TFTP as seen with "diagnose autoupdate versions | grep -A6 Inter" ?


Regards

idosho
New Contributor II

Same with 61e 6.4.10 trying updating ffdb database.

matrixfauly
New Contributor

So you got it Bodyak.. tftp supports no more then 32MB files.

Bodyak
New Contributor II

Hello. I have repeatedly written what we use to update the ftp server. And with the update from the ftp server, the problem is the same.
After an update with an error -49, the number of signatures shows 1623 and the version changes to the current one. Is it possible to say that despite the error, the update goes through?

otys
New Contributor

Hello,

I see the same error for a long time on some boxes when updating manually. Try to "diag debug app update -1". In my case the error was something like:

 

Connect to ftp server x.x.x.x ...
Get other objects from ftp server OK.
upd_manual_misc[391]-Updating misc objects
doInstallUpdatePackage[941]-Full obj found for FFDB011
doInstallUpdatePackage[951]-Updating obj FFDB
installUpdateObject[273]-Step 1:Unpack obj 31, Total=1, cur=0
installUpdateObject[302]-Step 2:Prepare temp file for obj 31
installUpdateObject[368]-Failed validation of obj 31
doInstallUpdatePackage[941]-Full obj found for FFDB009
doInstallUpdatePackage[951]-Updating obj FFDB
installUpdateObject[273]-Step 1:Unpack obj 31, Total=1, cur=0
installUpdateObject[302]-Step 2:Prepare temp file for obj 31
installUpdateObject[368]-Failed validation of obj 31
doInstallUpdatePackage[941]-Full obj found for FFDB010
doInstallUpdatePackage[951]-Updating obj FFDB
installUpdateObject[273]-Step 1:Unpack obj 31, Total=1, cur=0
installUpdateObject[302]-Step 2:Prepare temp file for obj 31
installUpdateObject[368]-Failed validation of obj 31
upd_status_save_status[131]-try to save on status file
upd_status_save_status[202]-Status file is up-to-date
upd_manual_misc[416]-Update failed on ffdb_low(31) (-6)
upd_manual_misc[416]-Update failed on ffdb_med(31) (-6)
upd_manual_misc[416]-Update failed on ffdb_high(31) (-6)
Command fail. Return code 49

 

The only solution I know is to reboot the firewall and try again. Looks like some app lock or resource problem.

 

Daniel