Hello dear community,
We have installed a FortiGate via a Zero Touch Process using the FortiManager, i.e. the FortiGate is connected, assigned an address via DHCP and then reports to the FortiManager. The FortiManager then transfers the required configuration and policies to the FortiGate.
Basically, the process works perfectly, but we have noticed that the FortiGate has problems upgrading its ISDB independently during the installation of the configuration.
If you look at the process report from the FortiManager, which shows the installation of the configuration (see attachment), an attempt is made to update the ISDB on the FortiGate for 3 minutes until the process times out. We also previously had an address object from the ISDB in our policy set, which meant that the entire policy could not be automatically installed on the FortiGate due to the problem.
We would like to save these 3 minutes and also have the possibility to install objects directly from the ISDB in the future. Has anyone here had the same experience or ideas to solve the problem?
Thank you and kind regards
Nick
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @NickStudi ,
Generally, starting in 7.2.1 this features introduces to check if FMG have latest update of ISDB than FGT it will start to update within 3 min, if it fails it will still install to FGT.
However, on FGT itself can be update by itself by below command:
# diag debug application update -1
# diag debug enable
# execute update-now
Note: Make sure FGT have internet access to get an update from FortiGuard server
Hi @smkml
Thanks for the answer! I assume that the update fails every time because the FortiGate has no internet connection at the time it receives its configuration from the FortiManager, right? That's why it always seems to time out in my case.
Hi @NickStudi ,
Yes, if your FGT use FMG as FortiGuard server, it is the same, manually update from the FGT to get latest ISDB version.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.