Hi,
Some signatures not updating.
How can i solve this ?
IPS Definitions | Version 27.00741 |
IPS Engine | Version 7.00524 |
Malicious URLs | Version 1.00001 |
Botnet IPs | Version 0.00000 |
Botnet Domains | Version 3.00672 |
Hello networm, Good day!
Can you please share the output of the following:
diag autoupdate versions
Please hide sensitive information before sharing the output.
Thank you
AV Engine
---------
Version: 7.00021 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Oct 26 23:29:00 2023
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
Virus Definitions
---------
Version: 92.02044 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using notify update on Fri Mar 1 19:44:19 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
Extended set
---------
Version: 92.02044 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using notify update on Fri Mar 1 19:44:19 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
Extreme set
---------
Version: 1.00000 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Mon Apr 9 18:07:00 2018
Last Update Attempt: n/a
Result: Updates Installed
Mobile Malware Definitions
---------
Version: 92.02044 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using notify update on Fri Mar 1 19:44:19 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
IPS Attack Engine
---------
Version: 7.00524 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Mon Nov 27 18:30:00 2023
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
Attack Definitions
---------
Version: 6.00741 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Tue Dec 1 02:30:00 2015
Last Update Attempt: n/a
Result: Updates Installed
Attack Extended Definitions
---------
Version: 27.00741 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Feb 29 22:11:02 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
Application Definitions
---------
Version: 6.00741 signed
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Tue Dec 1 02:30:00 2015
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: Unauthorized
OT Threat Definitions
---------
Version: 26.00740 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Feb 29 22:11:02 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
FMWP Definitions
---------
Version: 0.00000
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
IPS Malicious URL Database
---------
Version: 1.00001 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Jan 1 01:01:00 2015
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: Unauthorized
IoT Detect Definitions
---------
Version: 27.00741 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Feb 29 22:11:02 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
OT Detect Definitions
---------
Version: 27.00741 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Feb 29 22:11:02 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
OT Patch Definitions
---------
Version: 26.00740 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Feb 29 22:11:02 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
Flow-based Virus Definitions
---------
Version: 92.02044 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using notify update on Fri Mar 1 19:44:19 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
Botnet Domain Database
---------
Version: 3.00672 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using notify update on Fri Mar 1 18:00:01 2024
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
Proxy Attack Definitions
---------
Version: 6.00741 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Tue Dec 1 02:30:00 2015
Last Update Attempt: n/a
Result: Updates Installed
Proxy Attack Extended Definitions
---------
Version: 27.00741 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Feb 29 22:11:02 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
Proxy Application Definitions
---------
Version: 6.00741 signed
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Tue Dec 1 02:30:00 2015
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: Unauthorized
Internet-service Full Database
---------
Version: 0.00000
Contract Expiry Date: n/a
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
Device and OS Identifications
---------
Version: 1.00163
Contract Expiry Date: Tue Nov 29 2016
Last Updated using scheduled update on Thu Feb 29 23:50:18 2024
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
URL Allow list
---------
Version: 0.00000
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
DLP Signatures
---------
Version: 0.00000
Contract Expiry Date: n/a
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
IP Geography DB
---------
Version: 3.00172
Contract Expiry Date: n/a
Last Updated using manual update on Thu Apr 13 04:23:00 2023
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
Certificate Bundle
---------
Version: 1.00048
Contract Expiry Date: n/a
Last Updated using manual update on Tue Dec 12 15:00:00 2023
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
Malicious Certificate DB
---------
Version: 1.00469
Contract Expiry Date: Mon Apr 1 2024
Last Updated using manual update on Thu Feb 29 21:22:57 2024
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
Mac Address Database
---------
Version: 1.00143
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Tue Dec 6 09:00:00 2022
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
AntiPhish Pattern DB
---------
Version: 0.00000
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Tue Nov 30 00:00:00 1999
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
AI/Machine Learning Malware Detection Model
---------
Version: 2.14969 signed
Contract Expiry Date: Mon Apr 1 2024
Last Updated using notify update on Fri Mar 1 19:58:15 2024
Last Update Attempt: Fri Mar 1 20:23:53 2024
Result: No Updates
ICDB Database
---------
Version: 0.00000
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
Inline CASB Database
---------
Version: 1.00004
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Tue Dec 5 02:18:00 2023
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
Modem List
---------
Version: 0.000
Security Rating Data Package
---------
Version: 5.00031
Contract Expiry Date: Tue Nov 29 2016
Last Updated using manual update on Thu Feb 29 21:22:57 2024
Last Update Attempt: Sat Mar 11 00:17:27 2023
Result: Connectivity failure
FDS Address
---------
Kindly verify , the licenses are updated and Fortiguard servers are reachable
Hi
Which FortiGate model and FortiOS version?
Is it ATP or UTP license?
Is the license still valid?
Please run the below and share the output:
diag debug application update -1
diag debug enable
exec update-now
Created on 03-10-2024 02:18 PM Edited on 03-10-2024 02:21 PM
Hi,
Fortigate 3700D , latest version.
Yes license valid until 01/04/2024
[56] __ntfd_peer_vfy: Server certificate failed verification. Error: 9 (certificate is not yet valid), depth: 0, subject: /C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FDS/CN=fds1.fortinet.com/emailAddress=support@fortinet.com.
[56] __ntfd_peer_vfy: Server certificate failed verification. Error: 9 (certificate is not yet valid), depth: 0, subject: /C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FDS/CN=fds1.fortinet.com/emailAddress=support@fortinet.com.
[56] __ntfd_peer_vfy: Server certificate failed verification. Error: 9 (certificate is not yet valid), depth: 0, subject: /C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FDS/CN=fds1.fortinet.com/emailAddress=support@fortinet.com.
Hello,
Please update the output of the following:
di de rating
show system fortiguard
Recommended system fortiguard setting:
config system fortiguard
set fortiguard-anycast disable
set protocol udp
set port 8888
set sdns-server-ip 208.91.112.220
end
After few minutes:
diag debug application update -1
diag debug enable
exec update-now
After few minutes see if the signatures are updated,
If not then try manual update as follows:
This article describes how to update the 'IPS Malicious URL Database' manually.
Regards,
do_update[665]-Starting now UPDATE (final try)
__update_upd_comp_by_settings[480]-Disabling FLEN components.
__update_upd_comp_by_settings[484]-Disabling NIDSDB/ISDB/MUDB components.
__update_upd_comp_by_settings[488]-Disabling APPDB/IOTDB/OTDB components.
__update_upd_comp_by_settings[492]-Disabling AVEN components.
__update_upd_comp_by_settings[496]-Disabling AVDB/FLDB/MMDB components.
upd_fds_load_default_server6[1046]-Resolve and add fds update.fortiguard.net ipv6 address failed.
upd_comm_connect_fds[459]-Trying FDS 12.34.97.16:443
[116] __ssl_cert_ctx_load: Added cert /etc/cert/factory/root_Fortinet_Factory.cer, root ca Fortinet_CA, idx 0 (default)
[497] ssl_ctx_use_builtin_store: Loaded Fortinet Trusted Certs
[517] ssl_ctx_use_builtin_store: Enable CRL checking.
[524] ssl_ctx_use_builtin_store: Enable OCSP Stapling.
[828] ssl_ctx_create_new: SSL CTX is created
[855] ssl_new: SSL object is created
[191] ssl_add_ftgd_hostname_check: Add hostname checking 'update.fortiguard.net'...
__upd_peer_vfy[334]-Server certificate OK.
[362] __ssl_crl_verify_cb: Cert error 9, certificate is not yet valid. Depth 0
__upd_peer_vfy[329]-Server certificate failed verification. Error: 9 (certificate is not yet valid), depth: 0, subject: /C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FDS/CN=fds1.fortinet.com/emailAddress=support@fortinet.com.
[1063] ssl_connect: SSL_connect failes: error:0A000086:SSL routines::certificate verify failed
ssl_connect_fds[393]-Failed SSL connecting (5,0,Success)
[207] __ssl_data_ctx_free: Done
[1108] ssl_free: Done
[199] __ssl_cert_ctx_free: Done
[1118] ssl_ctx_free: Done
upd_comm_connect_fds[478]-Failed SSL connect
upd_comm_connect_fds[459]-Trying FDS 208.184.237.66:443
[116] __ssl_cert_ctx_load: Added cert /etc/cert/factory/root_Fortinet_Factory.cer, root ca Fortinet_CA, idx 0 (default)
[497] ssl_ctx_use_builtin_store: Loaded Fortinet Trusted Certs
[517] ssl_ctx_use_builtin_store: Enable CRL checking.
[524] ssl_ctx_use_builtin_store: Enable OCSP Stapling.
[828] ssl_ctx_create_new: SSL CTX is created
[855] ssl_new: SSL object is created
[191] ssl_add_ftgd_hostname_check: Add hostname checking 'update.fortiguard.net'...
__upd_peer_vfy[334]-Server certificate OK.
[362] __ssl_crl_verify_cb: Cert error 9, certificate is not yet valid. Depth 0
__upd_peer_vfy[329]-Server certificate failed verification. Error: 9 (certificate is not yet valid), depth: 0, subject: /C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FDS/CN=fds1.fortinet.com/emailAddress=support@fortinet.com.
[1063] ssl_connect: SSL_connect failes: error:0A000086:SSL routines::certificate verify failed
ssl_connect_fds[393]-Failed SSL connecting (5,0,Success)
[207] __ssl_data_ctx_free: Done
[1108] ssl_free: Done
[199] __ssl_cert_ctx_free: Done
[1118] ssl_ctx_free: Done
upd_comm_connect_fds[478]-Failed SSL connect
upd_comm_connect_fds[459]-Trying FDS 173.243.138.71:443
[116] __ssl_cert_ctx_load: Added cert /etc/cert/factory/root_Fortinet_Factory.cer, root ca Fortinet_CA, idx 0 (default)
[497] ssl_ctx_use_builtin_store: Loaded Fortinet Trusted Certs
[517] ssl_ctx_use_builtin_store: Enable CRL checking.
[524] ssl_ctx_use_builtin_store: Enable OCSP Stapling.
[828] ssl_ctx_create_new: SSL CTX is created
[855] ssl_new: SSL object is created
[191] ssl_add_ftgd_hostname_check: Add hostname checking 'update.fortiguard.net'...
__upd_peer_vfy[334]-Server certificate OK.
[362] __ssl_crl_verify_cb: Cert error 9, certificate is not yet valid. Depth 0
__upd_peer_vfy[329]-Server certificate failed verification. Error: 9 (certificate is not yet valid), depth: 0, subject: /C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FDS/CN=fds1.fortinet.com/emailAddress=support@fortinet.com.
[1063] ssl_connect: SSL_connect failes: error:0A000086:SSL routines::certificate verify failed
ssl_connect_fds[393]-Failed SSL connecting (5,0,Success)
[207] __ssl_data_ctx_free: Done
[1108] ssl_free: Done
[199] __ssl_cert_ctx_free: Done
[1118] ssl_ctx_free: Done
upd_comm_connect_fds[478]-Failed SSL connect
do_update[675]-UPDATE failed
[56] __ntfd_peer_vfy: Server certificate failed verification. Error: 9 (certificate is not yet valid), depth: 0, subject: /C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FDS/CN=fds1.fortinet.com/emailAddress=support@fortinet.com.
[56] __ntfd_peer_vfy: Server certificate failed verification. Error: 9 (certificate is not yet valid), depth: 0, subject: /C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FDS/CN=fds1.fortinet.com/emailAddress=support@fortinet.com.
Is there a proxy between FortiGate and Internet?
Also check if FGT system time is synchronized.
Is in the nat.
All databases updating succesfully but they are not updating.
Latest LOG:
upd_status_extract_alci_info[1391]-Finished reading account contracts
installUpdObjRest[1062]-Step 9:Delete backup /tmp/update.backup
installUpdObjRest[1101]-Step 10:Tell parent to respawn
upd_install_pkg[1435]-AVEN028 is up-to-date
upd_install_pkg[1435]-AVDB002 is up-to-date
upd_install_pkg[1435]-AVDB007 is up-to-date
upd_install_pkg[1435]-AVDB004 is up-to-date
upd_install_pkg[1435]-AVDB019 is up-to-date
upd_install_pkg[1461]-FCNI000(fcni) installed successfully
upd_install_pkg[1461]-FDNI000(fdslist) installed successfully
upd_install_pkg[1461]-FSCI000(contract) installed successfully
upd_install_pkg[1435]-FLEN076 is up-to-date
upd_install_pkg[1435]-FLDB002 is up-to-date
upd_install_pkg[1435]-NIDS026 is up-to-date
upd_install_pkg[1435]-NIDS056 is up-to-date
upd_install_pkg[1441]-MUDB001 is unauthorized
upd_install_pkg[1441]-APDB001 is unauthorized
upd_install_pkg[1441]-APDB051 is unauthorized
upd_install_pkg[1441]-FMWP001 is unauthorized
upd_install_pkg[1435]-ISDB001 is up-to-date
upd_install_pkg[1435]-IOTD001 is up-to-date
upd_install_pkg[1435]-OTDB001 is up-to-date
upd_install_pkg[1435]-OTDB002 is up-to-date
upd_install_pkg[1441]-CIDB001 is unauthorized
upd_install_pkg[1441]-IPGO000 is unauthorized
upd_install_pkg[1441]-FFDB020 is unauthorized
upd_install_pkg[1441]-UWDB001 is unauthorized
upd_install_pkg[1441]-DLDB000 is unauthorized
upd_install_pkg[1435]-CRDB000 is up-to-date
upd_install_pkg[1435]-MMDB001 is up-to-date
upd_install_pkg[1435]-DBDB001 is up-to-date
upd_install_pkg[1435]-SFAS000 is up-to-date
upd_install_pkg[1435]-MCDB001 is up-to-date
upd_install_pkg[1461]-ALCI000(alci) installed successfully
upd_install_pkg[1441]-MADB002 is unauthorized
upd_install_pkg[1441]-AFDB001 is unauthorized
upd_install_pkg[1441]-ICDB001 is unauthorized
upd_install_pkg[1441]-CASB002 is unauthorized
upd_status_save_status[135]-try to save on status file
upd_status_save_status[201]-Wrote status file
__upd_act_update[319]-Package installed successfully
upd_comm_disconnect_fds[500]-Disconnecting FDS 149.5.232.66:443
[207] __ssl_data_ctx_free: Done
[1108] ssl_free: Done
[199] __ssl_cert_ctx_free: Done
[1118] ssl_ctx_free: Done
[1099] ssl_disconnect: Shutdown
do_update[696]-UPDATE successful
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.