Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
niyadpmofps
New Contributor

Unable to connect to FortiGuard servers

after uograde to fortiios 7.4.5 unable to connect fortiguard servers

fortigate 400f

 

i can ping all fortiguard servers but cannot connect to servers

 

thanks

6 REPLIES 6
srajeswaran
Staff
Staff

Can you collect debug as below to check further.

diagnose debug reset

diagnose debug application update -1

diagnose debug enable

execute update-now

Use below commands to disable debug.


diagnose debug disable

 

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
niyadpmofps
New Contributor

dns config.jpg

dns config

niyadpmofps
New Contributor

config system fortiguard
set fortiguard-anycast disable
set protocol https
set port 443
set load-balance-servers 1
set auto-join-forticloud enable
set update-server-location automatic
set sandbox-region "Europe"
set sandbox-inline-scan disable
set update-ffdb enable
set update-uwdb enable
set update-dldb enable
set update-extdb enable
set update-build-proxy enable
set vdom ''
set auto-firmware-upgrade disable
set FDS-license-expiring-days 15
set antispam-force-off disable
set antispam-cache enable
set antispam-cache-ttl 1800
set antispam-cache-mpermille 1
set antispam-timeout 7
set outbreak-prevention-force-off disable
set outbreak-prevention-cache enable
set outbreak-prevention-cache-ttl 300
set outbreak-prevention-cache-mpermille 1
set outbreak-prevention-timeout 7
set webfilter-force-off disable
set webfilter-cache enable
set webfilter-cache-ttl 3600
set webfilter-timeout 15
unset sdns-server-ip
set sdns-server-port 53
unset sdns-options
set source-ip 0.0.0.0
set source-ip6 ::
set proxy-server-ip ''
set proxy-server-port 0
set proxy-username ''
set proxy-password ENC a7woBpv6fp8or2qHFG5nlKXyzDv+j+8MUhVU6NvdFrkVqDrKT6Ymcp/QidYaQp6iWuURGh/ozuKcnygV2dKun039enzetVmFnHqXUVfFpgGfvvwhmOwTwUboPSWZ7Bd9sbjjXt3mviWDZglsDKA4LZ0wIumuLqXAAtRX7wrvt9x5QmkOu7Svj1iVy6cCWP+3A1sx2VlmMjY3dkVA
set ddns-server-ip 0.0.0.0
set ddns-server-ip6 ::
set ddns-server-port 443
set interface-select-method auto
end

niyadpmofps
New Contributor

FG400F-MOF-DC-A # diag hardware certificate
Checking Fortinet_CA.cer integrality ........Passed
Checking Fortinet_Factory.cer integrality ........Passed
Checking Fortinet_Factory.cer key-pair integrality ........Passed
Checking Fortinet_Factory.cer Serial-No. ........Passed
Checking Fortinet_Factory.cer timeliness ........Passed
Checking Fortinet_Factory.key integrality ........Passed

rosatechnocrat
Contributor II

Try setting the below in Fortiguard configuration and verify if it works. 

 

set sdns-server-ip "208.91.112.220"

 

 

Rosa Technocrat --

Also on YouTube---

Please do Subscribe
Rosa Technocrat --Also on YouTube---Please do Subscribe
nradia_FTNT

This is also a useful KB article for such issues. Make sure to backup config file and take screenshots before making any changes:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGuard-is-not-reachable-via-Anycast-de....

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors