I recently started to receive the following errors when I run "diagnose debug config-error-log read" on my FortiGate 60F running 7.2.0. The only thing we did recently is add a REST API user. However, even after a factory reset we get these.
ffdb_app_map_process-2000: wrong word 5530
ffdb_app_map_process-2000: wrong word 43
ffdb_app_map_process-2000: wrong word 4303
ffdb_app_map_process-2000: wrong word 194
ffdb_app_map_process-2000: wrong word 47
ffdb_err_msg_print: ret=-10, Error: open map res file error
I've been doing a lot of searching and can't seem to figure it out. Any ideas what they are and how to resolve it?
Thanks in advance!
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Created on 07-01-2022 02:46 AM Edited on 07-01-2022 02:47 AM
If the support expired, the exec update-now will not give you joy anymore, that might indeed be related. The DB updates are fortiguard services and tied to a support contract with that serial number.
So AV DB and others will be out of date.
There should be no issues on general networking, but the security profiles and ISDB, if used, may not work correctly.
Hi kscurloc,
the command spits out if FFortiGate is unable to write some config section details somewhere. In this case I am not sure where to, but it sounds like an AVDB, ISDB, application DB or so. Try two things:
diag debug app update -1
diag debug console timestamp enable
diag debug enable
exec update-now
leave that running. There might be some details with your support contract and the DBs updated.
Next thing - see if there are processes crashing
diag debug crashlog read
Hope this gives more insight.
Best regards,
Markus
Thanks Markus!
So I did both things you suggested.
The first I ran and let sit overnight. Didn't see glaring errors. Nor many references to AVDB or ISDB.
The second just shows normal interfaces and daemons starting/stopping (because of reboots, I'm assuming).
I did another factory reset this morning, and the same messages appear.
Via the GUI, I just viewed the System Events and saw this:
(FortiGate database signature invalid)
"Another factory reset"? So you did them before?
The exec update-now should basically fix that (provided there is a support contract as data is pulled from FortiGuard).
I've done several factory resets, yes. In fact I did another one just now. Every time it comes back with these same messages. I get the same system event log messages I included in my screen shot, and when I run "diagnose debug config-error-log read" I get the ffdb messages.
This device is plugged into the network and receiving a routable IP to the internet via DHCP. So it is connecting to sites like support.fortinet.com, etc.
I've also tried reflashing the firmware, which didn't help.
And for the record, it's not causing any issues (that I'm aware of). It's just been happening the past few days and seemed suspicious.
I have the device registered to FortiCare Support. However, support actually expired last year at some point. I wouldn't think that would cause this issue?
Created on 07-01-2022 02:46 AM Edited on 07-01-2022 02:47 AM
If the support expired, the exec update-now will not give you joy anymore, that might indeed be related. The DB updates are fortiguard services and tied to a support contract with that serial number.
So AV DB and others will be out of date.
There should be no issues on general networking, but the security profiles and ISDB, if used, may not work correctly.
Thanks for the continued support Markus!
While I certainly understand the inability to update once support expires, that message is a little daunting...especially if this were in production. Luckily mine is not. But I understand the need to keep support updated. Just wish that message were a little more clear and represented that fact.
I agree; sometimes "developerish" might be not the easiest to read.
Your thread might however help others to find the same solution!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1720 | |
1094 | |
752 | |
447 | |
234 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.