Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Randall_Farr
New Contributor

FortiCloud logging stops after 5.0->5.21 upgrade (solved)

Last night I performed an upgrade of my 60D from firmware 5.0 to 5.21. The upgrade seemed to go successfully with no immediate indication of troubles. However, today when I tried to click the FortiCloud ' Launch Portal' button from the FortiGate' s dashboard, I got a the following failure: Firefox can' t establish a connection to the server at fams.fortinet.com. Also, under Log & Report -> Log Config -> Log Settings, under ' Send Logs to FortiCloud' , clicking the ' Test Connectivity' resulted in a failure message. From the CLI I did the following:
config log fortiguard setting
 get
which returned:
status              : enable
 upload-option       : realtime
 enc-algorithm       : default
 source-ip           : 0.0.0.0
 
It appears that the source-ip was cleared during the upgrade, though I could not find mention of this in the 5.2 upgrade release notes. Setting the source-ip to the correct IP addresses resolved the issues. Hope this helps someone!
5 REPLIES 5
YtseJam
New Contributor III

HI,

 

Regarding this issue of yours, what ip must be used as source ip for the forticloud?

 

Regards,

Jam

CBaezLe
New Contributor III

Randall Farr wrote:
Last night I performed an upgrade of my 60D from firmware 5.0 to 5.21. The upgrade seemed to go successfully with no immediate indication of troubles. However, today when I tried to click the FortiCloud ' Launch Portal' button from the FortiGate' s dashboard, I got a the following failure: Firefox can' t establish a connection to the server at fams.fortinet.com. Also, under Log & Report -> Log Config -> Log Settings, under ' Send Logs to FortiCloud' , clicking the ' Test Connectivity' resulted in a failure message. From the CLI I did the following:
config log fortiguard setting
get
which returned:
status : enable
upload-option : realtime
enc-algorithm : default
source-ip : 0.0.0.0
It appears that the source-ip was cleared during the upgrade, though I could not find mention of this in the 5.2 upgrade release notes. Setting the source-ip to the correct IP addresses resolved the issues. Hope this helps someone!

 

Thank you! I had this issue for over 3 months and today I came across this post, now it's solved!

 

Cheers!

Randall_Farr
New Contributor

In response to YtseJam's question, I went back and looked at my config to see what I changed the sourec-ip value to. I believed that I had set it to the FortiGate's LAN IP address. I was surprised to find that it is currently set to:

source-ip : 0.0.0.0

 

I went back and reviewed my config backup files for the last few months and cannot find an instance where the 'config log fortiguard' setting includes anything other than:

config log fortiguard setting
    set status enable
end

 

At this point I can only guess that my previous attempt to set the source-ip was the equivalent of 'jiggling the handle' which got logs flowing again. Seeing as how attempting to set the source-ip did not result in the data being saved to the config, I hereby retract my earlier assertion that  setting the correct IP address here is the real fix for this issue.

 

CBaezLe- can you check your config file to see if you were actually able to set the source-ip?

config log fortiguard setting
YtseJam
New Contributor III

Hi Randall Farr,

 

Thank you for the information you'd shared to us. 

 

Cheers

CBaezLe
New Contributor III

Randall Farr wrote:

In response to YtseJam's question, I went back and looked at my config to see what I changed the sourec-ip value to. I believed that I had set it to the FortiGate's LAN IP address. I was surprised to find that it is currently set to:

source-ip : 0.0.0.0

 

I went back and reviewed my config backup files for the last few months and cannot find an instance where the 'config log fortiguard' setting includes anything other than:

config log fortiguard setting
    set status enable
end

 

At this point I can only guess that my previous attempt to set the source-ip was the equivalent of 'jiggling the handle' which got logs flowing again. Seeing as how attempting to set the source-ip did not result in the data being saved to the config, I hereby retract my earlier assertion that  setting the correct IP address here is the real fix for this issue.

 

CBaezLe- can you check your config file to see if you were actually able to set the source-ip?

config log fortiguard setting

Hi Randall.

 

Yes, I was able the change the source-ip. 

config log fortiguard setting
 
FG (setting) # get
status : enable
upload-option : realtime
enc-algorithm : default
source-ip : 192.168.0.254
 
FG (setting) # set source-ip 0.0.0.0
 
FG (setting) # get
status : enable
upload-option : realtime
enc-algorithm : default
source-ip : 0.0.0.0
 
FG (setting) # end
 

 

Now I'm changing it back to 0.0.0.0 to run some test. I'll let you guys know how it went.

 

Cheers