- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Offline license validation FAZ
Hello!
I testing offline license validation for my closed network installation and meet some troubles.
I have
FortiAnalyzer
7.2.5 with evaluation license and while it is connected to Forti validation servers it`s OK, but when I disconnect it from internet the license drops to Duplicate License" status, and I have log messages like:
"License validation state changes from Trial License Init to Found disconnecting because of Server No Response"
and after that:
"License validation abnormal: state Expired Grace Period on disconnecting, event Server No Response"
and FAZ ask for internet connection to validate license or upload .lic file.
Uploading lic file resolve this problem for about a 1 hour and then I get license issue again.
I tried "Method 2" as described there: https://community.fortinet.com/t5/FortiManager/Technical-Tip-FortiManager-FortiAnalyzer-VM-License-V...
Add FAZ mgmt ip to support portal and download new license file, but problem still there.
some diagnostics from FAZ when license is already duplicated but still working:
FAZVM64-KVM # get system status
Platform Type : FAZVM64-KVM
Platform Full Name : FortiAnalyzer-VM64-KVM
Version : v7.2.5-build1574 240313 (GA)
Serial Number : FAZ-VMTM24011375
BIOS version : 04000002
Hostname : FAZVM64-KVM
Max Number of Admin Domains : 2
Admin Domain Configuration : Enabled
FIPS Mode : Disabled
HA Mode : Stand Alone
Branch Point : 1574
Release Version Information : GA
Current Time : Fri Dec 06 11:23:41 ICT 2024
Daylight Time Saving : No
Time Zone : (GMT+7:00) Bangkok, Hanoi, Jakarta.
x86-64 Applications : Yes
Disk Usage : Free 177.02GB, Total 195.86GB
File System : Ext4
License Status : Valid
--------------------------------------------------------------------------------------------------------------
FAZVM64-KVM # diag debug vminfo
VM license is valid.
fds_code: 0
Validation: Duplicate License
Expired in : 6 days 23 hours 26 minutes
Type: Trial
Licensed GB/Day: 1
Max devices: 3
Management IP: 192.168.0.40
Serial Number: FAZ-VMTM24011375
VM UUID: 27113e2a-0e06-4c72-a562-dacffd77fe23
- Labels:
-
FortiAnalyzer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Refer:-
Salon Raj Joshi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank, but I mention that I try this instruction and it`s not worked(
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Registering FAZ in Air-gapped environment "No internet", will require having an Entitlement file
The Entitlement file can be requested from CS by creating a support ticket with them requesting to have the entitlement file for your FAZ
The same can be found in the below article:
Created on ‎12-08-2024 08:26 AM Edited on ‎12-08-2024 10:33 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for link, but it`s not fully resolve the problem =(
I get entitlement file from CS and successfully activate my FAZ without internet connection, but in about 5 minutes after restart I get "Duplicate license" error and log message that license status changed to Found disconnected because of server no response.
And in about an hour licence dropped to invalid.
I can`t understand why FAZ try check license via internet. This feature is disabled:
config fmupdate publicnetwork
set status disable
end
I haven`t any other VM`s with this account or serial number.
upd. I use FAZ-KVM and somewhere I found that this "Duplicate license" error may appear because of hypervisor and to avoid this recommended set machine version to 7.2. I did it aslo, but problem still there.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
May you please advise how port1 was configured and was it given a static IP or dynamic IP?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
it has static ip and this ip is in asset manager.
But I possibly found the answer - I do my tests with evaluation licence FAZ VM and it`s just don`t support offline validation.
![](/skins/images/314F488D15A2016126B094729A0E57E8/responsive_peak/images/icon_anonymous_message.png)