- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unable to connect to FortiGuard servers
after uograde to fortiios 7.4.5 unable to connect fortiguard servers
fortigate 400f
i can ping all fortiguard servers but cannot connect to servers
thanks
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you collect debug as below to check further.
diagnose debug reset
diagnose debug application update -1
diagnose debug enable
execute update-now
Use below commands to disable debug.
diagnose debug disable
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
dns config
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
config system fortiguard
set fortiguard-anycast disable
set protocol https
set port 443
set load-balance-servers 1
set auto-join-forticloud enable
set update-server-location automatic
set sandbox-region "Europe"
set sandbox-inline-scan disable
set update-ffdb enable
set update-uwdb enable
set update-dldb enable
set update-extdb enable
set update-build-proxy enable
set vdom ''
set auto-firmware-upgrade disable
set FDS-license-expiring-days 15
set antispam-force-off disable
set antispam-cache enable
set antispam-cache-ttl 1800
set antispam-cache-mpermille 1
set antispam-timeout 7
set outbreak-prevention-force-off disable
set outbreak-prevention-cache enable
set outbreak-prevention-cache-ttl 300
set outbreak-prevention-cache-mpermille 1
set outbreak-prevention-timeout 7
set webfilter-force-off disable
set webfilter-cache enable
set webfilter-cache-ttl 3600
set webfilter-timeout 15
unset sdns-server-ip
set sdns-server-port 53
unset sdns-options
set source-ip 0.0.0.0
set source-ip6 ::
set proxy-server-ip ''
set proxy-server-port 0
set proxy-username ''
set proxy-password ENC a7woBpv6fp8or2qHFG5nlKXyzDv+j+8MUhVU6NvdFrkVqDrKT6Ymcp/QidYaQp6iWuURGh/ozuKcnygV2dKun039enzetVmFnHqXUVfFpgGfvvwhmOwTwUboPSWZ7Bd9sbjjXt3mviWDZglsDKA4LZ0wIumuLqXAAtRX7wrvt9x5QmkOu7Svj1iVy6cCWP+3A1sx2VlmMjY3dkVA
set ddns-server-ip 0.0.0.0
set ddns-server-ip6 ::
set ddns-server-port 443
set interface-select-method auto
end
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FG400F-MOF-DC-A # diag hardware certificate
Checking Fortinet_CA.cer integrality ........Passed
Checking Fortinet_Factory.cer integrality ........Passed
Checking Fortinet_Factory.cer key-pair integrality ........Passed
Checking Fortinet_Factory.cer Serial-No. ........Passed
Checking Fortinet_Factory.cer timeliness ........Passed
Checking Fortinet_Factory.key integrality ........Passed
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try setting the below in Fortiguard configuration and verify if it works.
set sdns-server-ip "208.91.112.220"
Also on YouTube---
Please do Subscribe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is also a useful KB article for such issues. Make sure to backup config file and take screenshots before making any changes: