Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Summer Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Support Forum
- Can't create Geography address, country/region fie...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can't create Geography address, country/region field is empty
Hi,
I'm using Fortigate-30E running FortiOS v6.2.16 build1392 (GA).
Not sure when it happened, but I can't create geography address anymore. It worked in the past.
As can be seen in the picture, the country/region field is empty with no entries.
Please advise,
Thanks, Ofir
Solved! Go to Solution.
Labels:
- Labels:
-
FortiGate
1 Solution
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
After I've opened a ticket, I received from Fortinet a custom build (FGT_30E-v6-build5262-FORTINET.out) which solved the problem after upgrading.
18 REPLIES 18
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Ofir
Please share the following:
diagnose firewall ipgeo country-list
diagnose geoip ip2country 1.1.1.1
diagnose autoupdate versions | grep -A5 Geo
You may also need to update the GeoIP DB (if you have a valid subscription):
execute update-geo-ip
diagnose autoupdate versions | grep -A5 Geo
Also try create a GeoIP address object via CLI and see if it works:
config firewall address
edit "geo_US"
set type geography
set country "US"
next
end
Hope it helps.
AEK
AEK
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi AEK, attached are the requested outputs:
FortiGate-30E # diagnose firewall ipgeo country-list
Total countries loaded:0
FortiGate-30E # diagnose geoip ip2country 1.1.1.1
Invalid IP or IPv6 address
FortiGate-30E # diagnose autoupdate versions | grep -A5 Geo
IP Geography DB
---------
Version: 0.00000
Contract Expiry Date: n/a
Last Updated using manual update on Tue Nov 30 00:00:00 1999
Last Update Attempt: Fri Apr 18 15:29:03 2025
Can't add address object using CLI, getting the same error when trying to set country:
FortiGate-30E # config firewall address
FortiGate-30E (address) # edit "geo_US"
new entry 'geo_US' added
FortiGate-30E (geo_US) # set type geography
FortiGate-30E (geo_US) # set country "US"
Invalid country code: US
node_check_object fail! for country US
value parse error before 'US'
Command fail. Return code -89
I believe I have a valid subscription, but the DB update isn't working...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you show the status of other DBs?
diagnose autoupdate versions
AEK
AEK
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiGate-30E # diagnose autoupdate versions
AV Engine
---------
Version: 6.00165
Contract Expiry Date: Fri Aug 29 2025
Last Updated using manual update on Tue Aug 24 09:30:44 2021
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Virus Definitions
---------
Version: 93.02502
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Fri Apr 18 14:50:36 2025
Last Update Attempt: Fri Apr 18 14:50:36 2025
Result: Updates Installed
Extended set
---------
Version: 93.02502
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Fri Apr 18 14:50:36 2025
Last Update Attempt: Fri Apr 18 14:50:36 2025
Result: Updates Installed
Mobile Malware Definitions
---------
Version: 93.02502
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Fri Apr 18 14:50:36 2025
Last Update Attempt: Fri Apr 18 14:50:36 2025
Result: Updates Installed
IPS Attack Engine
---------
Version: 5.00280
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Tue Aug 24 20:20:16 2021
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
IPS Config Script
---------
Version: 1.00009
Contract Expiry Date: Fri Aug 29 2025
Last Updated using manual update on Thu Jun 6 14:02:00 2019
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Attack Definitions
---------
Version: 31.00992
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Thu Apr 17 20:51:05 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Attack Extended Definitions
---------
Version: 0.00000
Contract Expiry Date: Fri Aug 29 2025
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Wed Sep 1 12:49:57 2021
Result: Connectivity failure
Application Definitions
---------
Version: 31.00992
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Thu Apr 17 20:51:05 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Industrial Attack Definitions
---------
Version: 6.00741
Contract Expiry Date: n/a
Last Updated using manual update on Tue Dec 1 02:30:00 2015
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: Unauthorized
Botnet Definitions
---------
Version: 4.00940
Contract Expiry Date: Fri Aug 29 2025
Last Updated using manual update on Thu Apr 10 08:52:05 2025
Last Update Attempt: Tue Apr 15 02:32:22 2025
Result: No Updates
Botnet Domain Database
---------
Version: 3.01233
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Fri Apr 18 04:51:06 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Internet-service Database Apps
---------
Version: 7.04137
Contract Expiry Date: n/a
Last Updated using scheduled update on Fri Apr 18 04:51:06 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Internet-service Mini Database Maps
---------
Version: 7.04137
Contract Expiry Date: n/a
Last Updated using scheduled update on Fri Apr 18 04:51:06 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Device and OS Identification
---------
Version: 1.00185
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Fri Apr 11 20:29:06 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
URL White list
---------
Version: 4.00562
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Thu Apr 17 18:51:21 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
IP Geography DB
---------
Version: 0.00000
Contract Expiry Date: n/a
Last Updated using manual update on Tue Nov 30 00:00:00 1999
Last Update Attempt: Fri Apr 18 15:34:54 2025
Result: Installation failed
Certificate Bundle
---------
Version: 1.00056
Contract Expiry Date: n/a
Last Updated using manual update on Tue Feb 25 15:00:00 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Malicious Certificate DB
---------
Version: 1.00531
Contract Expiry Date: Fri Aug 29 2025
Last Updated using scheduled update on Tue Apr 15 00:34:20 2025
Last Update Attempt: Fri Apr 18 14:51:21 2025
Result: No Updates
Modem List
---------
Version: 1.048
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Okay I tried to add debug to update process, this is the output:
installUpdObjRest[800]-Step 9:Delete backup /tmp/update.backup
installUpdObjRest[823]-Step 10:Tell parent to respawn
doInstallUpdatePackage[1007]-Full obj found for IPGE000
doInstallUpdatePackage[1017]-Updating obj IPGE
installUpdateObject[342]-Step 1:Unpack obj 28, Total=1, cur=0
installUpdateObject[371]-Step 2:Prepare temp file for obj 28
installUpdObjRest[679]-Step 5:No need to back /etc/geoip_db.gz
installUpdObjRest[684]-Step 6:Copy new object /tmp/upd7KXEs9->/etc/geoip_db.gz
installUpdObjRest[731]-Failed to copy new obj file /tmp/upd7KXEs9 to /etc/geoip_db.gz, errno=28, No space left on device
It seems that the problem is low space? How can I clear the space on the device in order to finish the installation correctly?
Thanks,
Ofir
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi,
have a look at https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Disk-Space-utilization-over-90-on-th... maybe it will help as a starting point.
"jack of all trades, master of none"
"jack of all trades, master of none"
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Ofir
I'm afraid you will need to format the device and reinstall FOS. According to @knaveenkumar 's tech tip this is the solution for this issue.
AEK
AEK
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
But before the above solution, you may try the two below solutions as last resort (use GeoIP v2 instead of GeoIP v3.
https://docs.fortinet.com/document/fortigate/6.2.16/fortios-release-notes/413989
Hope it helps.
AEK
AEK
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, sorry for the delay.
Regarding the GeoIP v2 solution, if the fortigate is already with the latest firmware (FortiOS v6.2.16 build1392 (GA)) is this solution irrelevant? I didn't understand from the article what is the exact operation that change the DB from v3 to v2.
Is there a possibility to mount an external USB flash drive to enlarge space and install without formatting the unit to factory default?
Thanks
Labels
-
FortiGate
10,510 -
FortiClient
2,135 -
FortiManager
886 -
5.2
687 -
FortiAnalyzer
674 -
5.4
638 -
FortiSwitch
578 -
FortiAP
558 -
FortiClient EMS
551 -
6.0
416 -
IPsec
411 -
SSL-VPN
373 -
FortiMail
371 -
5.6
362 -
FortiNAC
277 -
FortiWeb
252 -
6.2
251 -
FortiAuthenticator v5.5
234 -
SD-WAN
191 -
FortiAuthenticator
168 -
FortiGuard
159 -
5.0
152 -
Firewall policy
141 -
6.4
128 -
FortiGate-VM
126 -
FortiCloud Products
116 -
FortiGateCloud
112 -
FortiSIEM
111 -
FortiToken
110 -
Wireless Controller
95 -
Customer Service
88 -
High Availability
83 -
FortiProxy
77 -
ZTNA
75 -
Routing
72 -
DNS
71 -
SAML
70 -
VLAN
70 -
Fortivoice
69 -
FortiEDR
68 -
FortiADC
67 -
BGP
67 -
Authentication
66 -
Certificate
64 -
RADIUS
59 -
LDAP
58 -
SSO
54 -
FortiSandbox
53 -
fortilink
53 -
NAT
52 -
FortiExtender
51 -
4.0MR3
49 -
VDOM
44 -
Application control
44 -
FortiDNS
43 -
Interface
43 -
Logging
40 -
Virtual IP
39 -
FortiGate v5.4
38 -
FortiSwitch v6.4
38 -
FortiPAM
35 -
SSL SSH inspection
35 -
Web profile
35 -
FortiConnect
34 -
Automation
32 -
FortiWAN
31 -
FortiConverter
30 -
FortiGate v5.2
27 -
SNMP
25 -
SSID
25 -
Static route
25 -
Traffic shaping
24 -
API
24 -
FortiSwitch v6.2
23 -
FortiPortal
23 -
FortiGate Cloud
23 -
System settings
22 -
OSPF
20 -
WAN optimization
20 -
FortiMonitor
19 -
Security profile
19 -
Web application firewall profile
18 -
IP address management - IPAM
18 -
FortiSoar
17 -
Web rating
17 -
FortiGate v5.0
16 -
FortiDDoS
16 -
FortiAP profile
16 -
Explicit proxy
15 -
Admin
15 -
Proxy policy
15 -
FortiCASB
14 -
IPS signature
14 -
Intrusion prevention
14 -
FortiManager v4.0
13 -
DNS filter
13 -
FortiManager v5.0
12 -
NAC policy
12 -
Traffic shaping policy
12 -
Fabric connector
12 -
Port policy
12 -
FortiRecorder
11 -
Users
11 -
FortiDeceptor
10 -
FortiAnalyzer v5.0
10 -
FortiWeb v5.0
10 -
FortiBridge
10 -
Trunk
10 -
Traffic shaping profile
10 -
Authentication rule and scheme
10 -
Fortinet Engage Partner Program
10 -
FortiGate v4.0 MR3
9 -
RMA Information and Announcements
9 -
Antivirus profile
9 -
FortiCache
8 -
FortiToken Cloud
8 -
4.0
7 -
4.0MR2
7 -
Packet capture
7 -
Application signature
7 -
VoIP profile
7 -
Vulnerability Management
7 -
FortiScan
6 -
FortiCarrier
5 -
FortiNDR
5 -
FortiTester
5 -
DLP profile
5 -
DLP sensor
5 -
DoS policy
5 -
Email filter profile
5 -
Protocol option
5 -
Cloud Management Security
5 -
3.6
4 -
FortiDirector
4 -
Internet service database
4 -
DLP Dictionary
4 -
Netflow
4 -
TACACS
4 -
Replacement messages
4 -
SDN connector
4 -
Service
4 -
Multicast routing
4 -
FortiDB
3 -
FortiHypervisor
3 -
Kerberos
3 -
File filter
3 -
Multicast policy
3 -
FortiInsight
2 -
FortiAI
2 -
Video Filter
2 -
Schedule
2 -
ICAP profile
2 -
Zone
2 -
lacework
2 -
FortiEdge Cloud
2 -
FortiGuest
2 -
4.0MR1
1 -
FortiManager-VM
1 -
FortiCWP
1 -
Subscription Renewal Policy
1 -
FortiSASE
1 -
Virtual wire pair
1 -
FortiEdge
1 -
FortiAIOps
1
Top Kudoed Authors
| User | Count |
|---|---|
| 2551 | |
| 1356 | |
| 795 | |
| 646 | |
| 455 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.