Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
EvanRaci
New Contributor III

VDOM Enabled FortiGate showing alerts "Unable to reach FortiGuard Service "

Hi All,

We're using VDOMs in our FortiGate Firewalls.

FortiGate is running HA and using Dedicated Management interface for Active and Standby Node.

Dedicated Management subnets have no internet access.

The root VDOM, we didn’t configure anything and leave with default settings . So there is no interface to go internet from root VDOM.

We’ve another 4 VDOMs other than root VDOM and those 4 VDOMs can go internet. We are running VLAN interface within each VDOMs and those VLANs can go internet.

Currently, FortiGate is showing the alert “Unable to connect to FortiGuard Server”.

We configured per VDOM DNS setting and from each VDOM , we can ping update.fortiguard.net.

But from root VDOM or management interface, it cannot reach to update.fortiguard.net as there is no internet access.

With our current deployment, how can we configure FortiGate to reach FortiGuard Service as we need to do license registration. Can we configure one of the interfaces from non-root VDOM to access FortiGuard Services because only non-root VDOM has internet access in our current deployment.

What is recommended , normal deployment for FortiGuard Service for a deployment like us?

Pease help suggest, thank you so much.

2 REPLIES 2
funkylicious
Contributor III

geek
EvanRaci

Thank you let me try this 

Labels
Top Kudoed Authors