Hi
We're running Fortigates with v5.2.x and FMG 5.2.1.
How do you tell a fortigate to check FMG for Fortiguard updates before going to the proper Fortiguard Service Service?
The fortiOS manual say
config system central-management
set fortimanager-fds-sigupdate-override enable
set sig-update-server-1 10.10.10.10
set sig-update-server-2 20.20.20.20
set sig-update-server-3 30.30.30.30
end
But none of these commands actually exist in the CLI.
I've seen other websites stating run "set fortimanager-fds-override enable" but this doesn't exist anymore.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
All that it doesnt do is Web Filtering license verification, and web filtering database download on the FGT. It does download the Web Filtering database on FMG though
All that it doesnt do is Web Filtering license verification, and web filtering database download on the FGT. It does download the Web Filtering database on FMG though
-- for WF, FGT send URL request to FMG and FMG will then return result
but to confirm, on FGT, you config is like below?
config server-list edit 1 set server-type upate
this is only for AV/IPS update, and for WF/AS, you need to also enable rating
set server-type update rating
Thanks
Simon
Here is the FMG config
config system central-management set type fortimanager set fmg "10.200.1.1" config server-list edit 1 set server-type update rating set server-address 10.200.1.1 next end set include-default-servers disable set enc-algorithm high end
can you also provide "diagnose debug rating" on FGT?
Thanks
Simon
di de rating Locale : english License : Unknown Expiration : N/A -=- Server List (Wed Mar 2 10:07:45 2016) -=- IP Weight RTT Flags TZ Packets Curr Lost Total Lost 10.200.1.1 120 0 IF 0 107912 107909 107909
can you help do a check on FMG side " diagnose fmupdate fgd-dbcontract", so that FGT SN has correct license in FMG db? you do not need to paste it here since output will have your FGT license info
if you checked license is OK on FMG side, you may need to open a ticket and send me a ticket reminder, we will work for your case through ticket system
Thanks
Simon
Thanks.
I checked the license info using the comand "di fmupdate fgd-dbcontract". It displays the serial numbers and the license info correctly.
The other thing I have noticed is, for FMG, we have got a license for 10UG only which means 10 + 10 in total. If I look at the datasheet, it shows the add-ons are available for FMG-VM-10-UG and the next one is FMG-VM-100-UG. It doesnt show anything fo r +10 licences
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.