Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AEF
New Contributor

update Fortigate 110C

Hi, In my fortigate 110C, i have 2 wan ports gives access to internet, but i can' t do the update automaticaly of firewall The ping doesn' t work from the firewall(fortigate 110c) to the internet, the connexion work to the protocoles 80, 443, What should I do to make the update work thank you in advance
15 REPLIES 15
rwpatterson
Valued Contributor III

Make sure any interface facing the Internet has NAT enabled, and try again.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
AEF
New Contributor

Hello, The NAT is enabled, but there is no update of firewall
rwpatterson
Valued Contributor III

Check the DNS settings. If the FGT cannot resolve the names, updates will fail. Your PING test, was it by FQDN or IP address? Try a PING to 8.8.8.8 and let us know if that works.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
emnoc
Esteemed Contributor III

NAT has nothing todo with the src_address from the fortigate. Can you ping your next-hop for the internet gateway

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
rwpatterson
Valued Contributor III

Unless it' s a private address. But in this case HTTP and HTTPS work from another network. That' s why I asked about DNS on the FGT itself and how he PINGed.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
AEF
New Contributor

Hello again, The DNS is configured with 2 address DNS, and the ping does not work I have many rules I think that there are rules which cancel the use of updated because when I change the priorité of connexion to the internet, the ping and the updates work automatically, but the web connexion does not work I think that I must create another rule just to do the updates, but I haven' t the tcp or udp port protocol thank you in Advance
AEF
New Contributor

hello again, Is there a solution for this problem. thank' s
emnoc
Esteemed Contributor III

Firewall policies have nothing to do with the fortigate updates process unless you have some local-policies. Dumb questions, do you have any thing upstream like a router ACL or another firewall that blocks updates? Have you looked at list of ports that the fortigate uses? And have you done any diag sniffer diagnostics? http://kb.fortinet.com/kb/viewContent.do?externalId=10773

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
rwpatterson
Valued Contributor III

Do you have any policy routes mucking up things?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors