Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
willow
New Contributor III

Created on ‎09-30-2025 09:21 AM

Can't Connect to Fortianalyser Cloud after Upgrade

We have just upgraded our 100F from 7.0.17 to 7.4.9 with 7.0 going end of support.

It upgraded to 7.2 and then to 7.4

 

Everything seems to work fine with the exception of FortiAnalyzer Cloud. It's refusing to connect and send logs. We did upgrade the FAZ from 7.4 to 7.6.4 however it hasn't seemed to make any difference and both versions seem to support our Fortigate version. I have also removed the device and re-added it to FA Cloud still with no luck. 

 

There's no access issues that I know of

 

# exec ping fortianalyzer.forticloud.com
PING fortianalyzer.forticloud.com.geo.fortinet.net (154.52.2.161): 56 data bytes
64 bytes from 154.52.2.161: icmp_seq=0 ttl=52 time=20.6 ms
64 bytes from 154.52.2.161: icmp_seq=1 ttl=52 time=20.5 ms
64 bytes from 154.52.2.161: icmp_seq=2 ttl=52 time=20.5 ms
64 bytes from 154.52.2.161: icmp_seq=3 ttl=52 time=20.5 ms
64 bytes from 154.52.2.161: icmp_seq=4 ttl=52 time=20.5 ms

--- fortianalyzer.forticloud.com.geo.fortinet.net ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 20.5/20.5/20.6 ms

 

 

The only clue is an error with SSL

 

exec log fortianalyzer-cloud test-connectivity
Failed to get FortiAnalyzer Cloud's status. SSL error. (-3)

 

However I'm at a loss as to what to try next. 

 

Any help appreciated :)

Labels:
659
0 Kudos
1 Solution
MT-DSG
New Contributor
In response to BillH_FTNT

Created on ‎10-05-2025 07:03 AM

Hello Bill,

Regarding the same issue, instead of changing the global setting, I modified the FortiAnalyzer Cloud logging configuration directly:

 

config log fortianalyzer-cloud setting

set status enable

set ssl-min-proto-version TLSv1-3

end

 

The FortiGate is now able to send logs and retrieve the FortiAnalyzer's serial number.

Thank you for your help

View solution in original post

138
0 Kudos
23 REPLIES 23
BillH_FTNT
Staff
Staff
In response to MT-DSG

Created on ‎10-05-2025 02:33 PM

Hi @MT-DSG 

This is a nice approach. Thanks

Bill

47
0 Kudos
willow
New Contributor III
In response to BillH_FTNT

Created on ‎10-06-2025 05:17 AM Edited on ‎10-06-2025 05:18 AM

Hi Bill

 

Just upgraded to 7.4.9 to try the above and it's now connecting.

 

I'm assuming that whatever mismatch in the SSL versions has been sorted on Fortis  Side. 

27
0 Kudos
BillH_FTNT
Staff
Staff
In response to willow

Created on ‎10-06-2025 09:58 AM

Hi @willow 

I believe our engineering team is currently working on a similar issue to yours.
In the meantime, could you try the method that MT-DSG suggested above?

"

Regarding the same issue, instead of changing the global setting, I modified the FortiAnalyzer Cloud logging configuration directly:

 

config log fortianalyzer-cloud setting

set status enable

set ssl-min-proto-version TLSv1-3

end

 

The FortiGate is now able to send logs and retrieve the FortiAnalyzer's serial number.

Thank you for your help"

 

Regards

Bill

16
0 Kudos
willow
New Contributor III
In response to BillH_FTNT

Created on ‎10-07-2025 02:13 AM

Hi Bill

 

That was the plan, however when I upgraded to 7.4.9 yesterday to try this Fortianalyzer connected first time with no issues or drama. 

 

fixed.jpg

 

I can change the setting, however I don't know if it would be indicative of anything. 

 

FORTIGATE (setting) # show full-configuration
config log fortianalyzer-cloud setting
    set status enable
    set ips-archive disable
    set certificate-verification enable
    set serial "FAZVCLTMXXXXXXX"
    set preshared-key ''
    set access-config enable
    set enc-algorithm high
    set ssl-min-proto-version default
    set conn-timeout 10
    set monitor-keepalive-period 5
    set monitor-failure-retry-period 5
    set certificate ''
    set source-ip ''
    set interface-select-method auto
    set upload-option realtime
    set priority default
    set max-log-rate 0
end

 

I am assuming the issue was fixed somehow over the weekend. 

 

Kind Regards

 

 

@BillH_FTNT wrote:

Hi @willow 

I believe our engineering team is currently working on a similar issue to yours.
In the meantime, could you try the method that MT-DSG suggested above?

"

Regarding the same issue, instead of changing the global setting, I modified the FortiAnalyzer Cloud logging configuration directly:

 

config log fortianalyzer-cloud setting

set status enable

set ssl-min-proto-version TLSv1-3

end

 

The FortiGate is now able to send logs and retrieve the FortiAnalyzer's serial number.

Thank you for your help"

 

Regards

Bill

 

4
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.