Hello.
As of 01:35 (timezone +01:00) on 17-Jul-2023, we're getting update errors every 30 minutes. We're in the UK. If I change [system > fortiguard > updates] to restrict to "US only" servers (not the default "lowest latency" servers), then manually updating appears to work. Changing back to "lowest latency" and manually updating fails. As of 10:25 ish this morning, scheduled updates are still failing.
Cheers, Colin.
Hi Colin,
Thank you for the query!
I understand you are seeing issue with Fortigate update, when you set the fortiguard servers to Lowest latency.
Could you please confirm when you set the fortiguard servers to lowest latency are you seeing the Fortiguard connectivity is up?
Thank you!
Thallapelly Thrilok
Yes, as far as I can tell, the connectivity to Fortiguard is up. There are no errors, except the "update failed" errors, which have severity = critical.
Dear colinbutcher,
Please try updating the database manually and check the behavior. Please check below link
The errors have ceased happening. The IPS malicious URL database appears to have been updated automatically: IPS Malicious URL Database: 4.00770(2023-07-19 14:54)
It appears that whatever had gone wrong has been resolved.
The issue you're facing with your FortiGate FG60E device, where updates are failing and there are issues with the `idsurldb` signature, is not uncommon. It appears there might be issues either with the FortiGuard servers or with the path your device takes to reach them. Here's how you can troubleshoot and potentially resolve the issue:
1. **Test Connectivity**: Ensure that your FortiGate can reach the FortiGuard servers. You can do this by using the command:
```
execute ping service.fortiguard.net
```
2. **DNS Issues**: Sometimes, DNS resolution problems can cause these issues. Ensure your FortiGate's DNS settings are correctly configured. Test with a public DNS like Google's `8.8.8.8` to see if that resolves the issue.
3. **Proxy or Firewall**: If there's a web proxy or another firewall in your network, ensure that it isn't blocking or filtering the FortiGate's attempts to reach the FortiGuard servers.
4. **Check License**: Ensure your FortiGuard licenses are valid and have not expired. An expired license can prevent updates.
5. **Logs & Debug**: Check the FortiGate logs for any further information regarding the update failures. Additionally, you can enable debugging for updates to get more detailed information:
```
diagnose debug update application ips enable
diagnose debug enable
```
After running the above commands, try to update again and observe the debug messages for any clues. Remember to disable debugging after you're done:
```
diagnose debug disable
```
6. **Manual Update**: As a temporary solution, you can download the latest `idsurldb` database and other updates from the Fortinet support site and manually update the FortiGate.
7. **Firmware Update**: Sometimes, firmware updates can resolve such issues. If there's a newer version of FortiOS available, consider updating your device (after backing up your configuration and ensuring you've read the release notes).
8. **FortiGuard Server Selection**: As you mentioned, selecting specific FortiGuard servers (e.g., "US only") seemed to help. It's possible that some FortiGuard servers in the "lowest latency" pool are having issues or are being blocked/routed inefficiently from your location. You can temporarily use the "US only" setting, or if there's a more geographically appropriate server selection, use that until the issue is resolved.
9. **Contact Fortinet Support**: If none of the above steps resolves the issue, it would be best to contact Fortinet's technical support. They might be aware of any widespread issues or can provide specific assistance for your situation.
Lastly, always ensure you have backups of your configuration before making any significant changes or updates to your FortiGate device.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.