The IPS is not working on my FortiGate (120G-v7.4.9). How can I find out what's wrong? The profile is configured and assigned to the groups in the firewall policy. My license is active until 2026.
Best regards
FGT-120G-L# diagnose test application ipsmonitor 1
pid = 1979, engine count = 7 (+1)
diag: read_retry:0 stuck:0 lock_retried:0 discarded:0 executed:0 lock_preempted:0
0 - pid:1988:1988 cfg:1 master:0 run:1
1 - pid:2333:2333 cfg:0 master:1 run:1
2 - pid:2334:2334 cfg:0 master:0 run:1
3 - pid:2335:2335 cfg:0 master:0 run:1
4 - pid:2336:2336 cfg:0 master:0 run:1
5 - pid:2337:2337 cfg:0 master:0 run:1
6 - pid:2338:2338 cfg:0 master:0 run:1
7 - pid:2339:2339 cfg:0 master:0 run:1
pid: 2334 index:2
version: 07004000FLEN07800-00007.00004.00587-2508271856
up time: 35 days 14 hours 12 minutes
init time: 1 seconds
socket size: 64(MB)
database: ipsetdb appdb
state: raw(4/6):107/108 l2:109 l7:110(8 clients)
bypass: disable
pid: 1988 index:0 cfg
version: 07004000FLEN07800-00007.00004.00587-2508271856
up time: 35 days 14 hours 12 minutes
init time: 13 seconds
socket size: 64(MB)
database: ipsetdb appdb
state: ipshelper: 7 workers
bypass: disable
pid: 2337 index:5
version: 07004000FLEN07800-00007.00004.00587-2508271856
up time: 35 days 14 hours 12 minutes
init time: 1 seconds
socket size: 64(MB)
database: ipsetdb appdb
state: raw(4/6):107/108 l2:109 l7:110(8 clients)
bypass: disable
pid: 2333 index:1 master
version: 07004000FLEN07800-00007.00004.00587-2508271856
up time: 35 days 14 hours 12 minutes
init time: 1 seconds
socket size: 64(MB)
database: ipsetdb appdb
state: raw(4/6):112/113 l2:114 l7:115(8 clients)
bypass: disable
pid: 2335 index:3
version: 07004000FLEN07800-00007.00004.00587-2508271856
up time: 35 days 14 hours 12 minutes
init time: 1 seconds
socket size: 64(MB)
database: ipsetdb appdb
state: raw(4/6):107/108 l2:109 l7:110(8 clients)
bypass: disable
pid: 2336 index:4
version: 07004000FLEN07800-00007.00004.00587-2508271856
up time: 35 days 14 hours 12 minutes
init time: 1 seconds
socket size: 64(MB)
database: ipsetdb appdb
state: raw(4/6):107/108 l2:109 l7:110(8 clients)
bypass: disable
pid: 2338 index:6
version: 07004000FLEN07800-00007.00004.00587-2508271856
up time: 35 days 14 hours 12 minutes
init time: 1 seconds
socket size: 64(MB)
database: ipsetdb appdb
state: raw(4/6):107/108 l2:109 l7:110(8 clients)
bypass: disable
pid: 2339 index:7
version: 07004000FLEN07800-00007.00004.00587-2508271856
up time: 35 days 14 hours 12 minutes
init time: 1 seconds
socket size: 64(MB)
database: ipsetdb appdb
state: raw(4/6):107/108 l2:109 l7:110(8 clients)
bypass: disable
diagnose test update info
Logs: idx=17
Wed Nov 12 03:32:16 2025 upd_install_pkg[1377]-ICDB001 is up-to-date
Wed Nov 12 03:32:16 2025 upd_install_pkg[1377]-CASB002 is up-to-date
Wed Nov 12 03:32:16 2025 __upd_act_update[321]-Package installed successfully
Wed Nov 12 03:32:48 2025 do_update[756]-UPDATE successful
Wed Nov 12 03:32:48 2025 do_update[723]-Starting scheduled UPDATE (not final retry)
Wed Nov 12 03:32:48 2025 doInstallUpdatePackage[1011]-Full obj found for FCNI000
Wed Nov 12 03:32:48 2025 doInstallUpdatePackage[1021]-Updating obj FCNI
Wed Nov 12 03:32:48 2025 doInstallUpdatePackage[1011]-Full obj found for FDNI000
Wed Nov 12 03:32:48 2025 doInstallUpdatePackage[1021]-Updating obj FDNI
Wed Nov 12 03:32:48 2025 doInstallUpdatePackage[1011]-Full obj found for FSCI000
Wed Nov 12 03:32:48 2025 doInstallUpdatePackage[1021]-Updating obj FSCI
Wed Nov 12 03:32:48 2025 doInstallUpdatePackage[1011]-Full obj found for ALCI000
Wed Nov 12 03:32:48 2025 doInstallUpdatePackage[1021]-Updating obj ALCI
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-AVEN031 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-AVDB002 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-AVDB007 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-AVDB019 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1403]-FCNI000(fcni) installed successfully
Wed Nov 12 03:32:48 2025 upd_install_pkg[1403]-FDNI000(fdslist) installed successfully
Wed Nov 12 03:32:48 2025 upd_install_pkg[1403]-FSCI000(contract) installed successfully
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-FLEN078 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-FLDB002 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-NIDS027 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-NIDS057 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-MUDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-APDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-APDB051 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-FMWP001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1383]-ISDB001 is unauthorized
Wed Nov 12 03:32:48 2025 upd_install_pkg[1383]-IOTD001 is unauthorized
Wed Nov 12 03:32:48 2025 upd_install_pkg[1383]-OTDB001 is unauthorized
Wed Nov 12 03:32:48 2025 upd_install_pkg[1383]-OTDB002 is unauthorized
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-CIDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-IPGO000 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-FFDB020 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-UWDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1383]-DLDB003 is unauthorized
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-CRDB000 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-MMDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-DBDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-SFAS000 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-MCDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1403]-ALCI000(alci) installed successfully
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-MADB002 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-AFDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-ICDB001 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-CASB002 is up-to-date
Wed Nov 12 03:32:48 2025 __upd_act_update[321]-Package installed successfully
Wed Nov 12 03:32:48 2025 do_update[756]-UPDATE successful
Wed Nov 12 04:24:18 2025 do_virus_report[793]-Starting VIRUS REPORT
Wed Nov 12 04:24:18 2025 do_virus_report[819]-Virus report successful
Wed Nov 12 05:24:21 2025 do_virus_report[793]-Starting VIRUS REPORT
Wed Nov 12 05:24:23 2025 do_virus_report[819]-Virus report successful
Wed Nov 12 06:24:25 2025 do_virus_report[793]-Starting VIRUS REPORT
Wed Nov 12 06:24:28 2025 do_virus_report[819]-Virus report successful
Wed Nov 12 07:24:30 2025 do_virus_report[793]-Starting VIRUS REPORT
Wed Nov 12 07:24:30 2025 do_virus_report[819]-Virus report successful
Wed Nov 12 08:24:30 2025 do_virus_report[793]-Starting VIRUS REPORT
Wed Nov 12 08:24:30 2025 do_virus_report[819]-Virus report successful
Wed Nov 12 08:49:44 2025 upd_pkg_verify_fdnsetup_rsp[1462]-FDNSetup rsp code 200
Wed Nov 12 09:24:30 2025 do_virus_report[793]-Starting VIRUS REPORT
Wed Nov 12 09:24:35 2025 do_virus_report[819]-Virus report successful
Wed Nov 12 10:24:35 2025 do_virus_report[793]-Starting VIRUS REPORT
Wed Nov 12 10:24:35 2025 do_virus_report[819]-Virus report successful
System contracts:
HDWR,Sun Jul 26 2026
ENHN,Sun Jul 26 2026
COMP,Sun Jul 26 2026
FMWR,Sun Jul 26 2026
FURL,Sun Jul 26 2026
SPAM,Sun Jul 26 2026
SBCL,Sun Jul 26 2026
ZHVO,Sun Jul 26 2026
SPRT,Sun Jul 26 2026
FRVS,Sun Jul 26 2026
APDB,Sun Jul 26 2026
AVDB,Sun Jul 26 2026
ETDB,Sun Jul 26 2026
EXDB,Sun Jul 26 2026
MMDB,Sun Jul 26 2026
FLDB,Sun Jul 26 2026
DBDB,Sun Jul 26 2026
NIDB,Sun Jul 26 2026
NIET,Sun Jul 26 2026
MUDB,Sun Jul 26 2026
CIDB,Sun Jul 26 2026
AVEN,Sun Jul 26 2026
NIEN,Sun Jul 26 2026
UWDB,Sun Jul 26 2026
SFAS,Sun Jul 26 2026
MCDB,Sun Jul 26 2026
MADB,Sun Jul 26 2026
AFDB,Sun Jul 26 2026
AVAI,Sun Jul 26 2026
ICDB,Sun Jul 26 2026
FMWP,Sun Jul 26 2026
CASB,Sun Jul 26 2026
WIPS,Sun Jul 26 2026
WIET,Sun Jul 26 2026
WAPP,Sun Jul 26 2026
Account contracts:
Object versions: 07004000APDB00105-00034.00116-2511110136
07004000AVDB00201-00093.06277-2511111620
07004000AVDB00701-00093.06277-2511111620
07004000MMDB00101-00093.06277-2511111625
07004000FLDB00201-00093.06277-2511111640
07004000DBDB00100-00003.01473-2511102347
07004000NIDS02405-00006.00741-1512010230
07004000NIDS02705-00034.00116-2511110137
07004000ISDB00105-00006.00741-1512010230
07004000MUDB00103-00005.00593-2511110129
07004000CIDB00100-00001.00195-2510170632
07004000IPGO00000033052511040138
00000000FCNI00000-00000.00000-0000000000
00000000FDNI00000-00000.00000-0000000000
01000000FSCI00100-00000.00000-0000000000
07004000AVEN03100-00007.00046-2508150115
07004000FLEN07800-00007.00587-2508271856
07004000FFDB02108-00000.00000-0101010000
07004000FFDB01908-00000.00000-0101010000
07004000FFDB02008-00007.04372-2511111657
07004000FFSR00008-00007.04372-2511111657
07004000UWDB00100-00004.00770-2511110202
07004000CRDB00000-00001.00059-2508121400
07004000SFAS00000-00005.00054-2510121053
07004000MCDB00100-00001.00562-2511102335
01000000ALCI00000-00000.00000-0000000000
07004000MADB00200-00001.00297-2511042330
07004000AFDB00100-00001.00015-2403110831
07004000AVDB01901-00004.03417-2511111945
07004000IOTD00105-00000.00000-2208171731
07004000OTDB00105-00000.00000-0101010000
07004000ICDB00101-00001.00051-2506161505
07004000DLDB00300-00000.00000-0101010000
07004000OTDB00205-00000.00000-0101010000
07004000FMWP00105-00025.00090-2509151320
07004000CASB00201-00001.00009-2507301758
07004000NIDS05405-00006.00741-1512010230
07004000NIDS05705-00034.00116-2511110137
07004000APDB05105-00034.00116-2511110136
07004000TZDB00000-00001.00000-0000000000
Setup done once: yes
Next setup retry: none
Next sched update: Thu Nov 13 03:32:00 2025
Next update retry: none
Next virus report: Wed Nov 12 11:24:35 2025
Next fdnsetup: Wed Nov 12 20:49:44 2025
Last successful fdnsetup: Wed Nov 12 08:49:44 2025
Next signature check: Wed Nov 12 11:52:53 2025
Last successful signature check: Wed Nov 12 10:52:53 2025
Next FFDB ondemand update: N/A
Last successful FFDB ondemand update: N/A
Ring counters: pass=000000 fail=000000
Setup counters: pass=000001 fail=000001
Update counters: pass=000047 retry_fail=000002 final_fail=000000
Virus report counters: pass=000853 fail=000000 empty_stats=000000
Update Notification: total 0, last received at N/A
Support contract: pending_registration=255 got_contract_info=1
account_id=[agggggg@gmail.com] company=[XXXXXXX.] industry=[]
User ID: xxxxxxx
How did you know that the IPS is not working?
Did you make any intrusion tests?
Are you using deep inspection in order to scan SSL traffic?
I've run several tests, but nothing shows up. I have everything configured with deep-inspection, but it still doesn't appear or detect anything in IPS.
Here's a good article on how to test, by @Yurisk:
https://yurisk.info/2020/07/26/fortigate-how-to-verify-and-test-if-ips-is-working/
IPS is working; I had the flow-based profile in inspection mode. Perhaps I accidentally changed the configuration. Thank you so much for your help.
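As an added example (not part of the thread and not Fortinet tooling), the script below triages saved output of the two commands run in the question, `diagnose test application ipsmonitor 1` and `diagnose test update info`, flagging engines that are not running or are in bypass, IPS packages that are not current, and final update failures. It assumes `FLEN` and `NIDS` are the IPS engine and IPS signature packages; `SAMPLE` is a constructed excerpt, not the poster's data.

```python
import re

# Constructed excerpt in the format of the output posted above; engine 2340
# and the NIDS027 line are altered to show what a finding looks like.
SAMPLE = """\
0 - pid:1988:1988 cfg:1 master:0 run:1
1 - pid:2333:2333 cfg:0 master:1 run:1
2 - pid:2340:2340 cfg:0 master:0 run:0
pid: 2333 index:1 master
bypass: disable
pid: 2340 index:2
bypass: enable
Wed Nov 12 03:32:48 2025 upd_install_pkg[1377]-FLEN078 is up-to-date
Wed Nov 12 03:32:48 2025 upd_install_pkg[1383]-NIDS027 is unauthorized
Wed Nov 12 03:32:48 2025 upd_install_pkg[1383]-ISDB001 is unauthorized
Update counters: pass=000047 retry_fail=000002 final_fail=000000
"""

ENGINE = re.compile(r"^\d+ - pid:(\d+):\d+ cfg:\d master:\d run:(\d)$")
HEADER = re.compile(r"^pid: (\d+) index:\d+")
PKG = re.compile(r"upd_install_pkg\[\d+\]-([A-Z]{4}\d{3})(?:\(\w+\))? (.+)$")
FINAL_FAIL = re.compile(r"^Update counters: .*final_fail=(\d+)")

def triage(text, ips_prefixes=("FLEN", "NIDS")):
    """Return findings for IPS engine health and IPS package updates."""
    findings, status, pid = [], {}, None
    for line in map(str.strip, text.splitlines()):
        if m := ENGINE.match(line):
            if m.group(2) != "1":
                findings.append(f"engine pid {m.group(1)}: run:{m.group(2)}")
        elif m := HEADER.match(line):
            pid = m.group(1)
        elif line.startswith("bypass:") and line != "bypass: disable":
            findings.append(f"engine pid {pid}: {line}")
        elif m := PKG.search(line):
            status[m.group(1)] = m.group(2)  # latest log entry wins
        elif (m := FINAL_FAIL.match(line)) and int(m.group(1)):
            findings.append(f"update final_fail={int(m.group(1))}")
    for prefix in ips_prefixes:  # only the IPS-related packages are judged
        seen = {n: s for n, s in status.items() if n.startswith(prefix)}
        if not seen:
            findings.append(f"{prefix}: no update record in log")
        findings += [f"{n}: {s}" for n, s in seen.items() if "up-to-date" not in s
                     and "installed successfully" not in s]
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

On the output posted in the question, every engine shows `run:1` and `bypass: disable`, and the `FLEN`/`NIDS` packages are up-to-date, so the script reports nothing; that is consistent with the poster's conclusion that the cause was in the configuration rather than the engine or licensing.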
Copyright 2025 Fortinet, Inc. All Rights Reserved.