Fortinet black logo

Cookbook

Home FortiGate / FortiOS 6.0.0 Cookbook

Troubleshooting

6.0.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.0
6.0.0
5.6.0
5.4.0
Copy Link
Copy Doc ID a4a06ec3-12a7-11e9-b86b-00505692583a:565737
Download PDF

Troubleshooting

If you need to add or renew a subscription, go to Fortinet Support.

If a license that should be active isn’t currently available, you can use the following steps to troubleshoot your connection. After each troubleshooting step, go to System > FortiGuard to check if the licenses are now showing as available.

Connecting to FortiGuard

  1. To prompt your FortiGate to connect to FortiGuard, connect to the CLI and use the following command:

    diagnose debug application update -1

    diagnose debug enable

    execute update-now

  2. If your FortiGate has multiple VDOMs, make sure that you use the management VDOM and that the VDOM has Internet access. To set the proper VDOM as the management VDOM, use the following command:

    config system global

    set management-vdom

    end

Checking FortiGuard filtering

  1. To test if FortiGuard is reachable, go to System > FortiGuard.

  2. Under Filtering, check Filtering Services Availability. If you don’t see a green check mark, select Check Again.

  3. If you still don’t see a green check mark, change the FortiGuard Filtering Port to the alternate port (8888). Select Apply and see if the services become available.

    Note

    If you're updating FortiGuard using a FortiManager, the FortiGuard Filtering Port can also be 80.

Testing the DNS

  1. To test if your DNS can reach FortiGuard, use the following CLI command:

    execute ping guard.fortinet.net

  2. If you can reach the address, run the following command:

    diagnose debug application update -1

    diagnose debug enable

    execute update-now

  3. If you can’t reach the address, go to System > DNS and verify that the settings are correct. Then run the PING test again.

Contacting Support

If you still can’t connect, contact Fortinet Support.

Previous
Next

Related Videos

sidebar video

How to Purchase or Renew FortiGuard Services (6.0)

  • 130,533 views
  • 6 years ago

Troubleshooting

If you need to add or renew a subscription, go to Fortinet Support.

If a license that should be active isn’t currently available, you can use the following steps to troubleshoot your connection. After each troubleshooting step, go to System > FortiGuard to check if the licenses are now showing as available.

Connecting to FortiGuard

  1. To prompt your FortiGate to connect to FortiGuard, connect to the CLI and use the following command:

    diagnose debug application update -1

    diagnose debug enable

    execute update-now

  2. If your FortiGate has multiple VDOMs, make sure that you use the management VDOM and that the VDOM has Internet access. To set the proper VDOM as the management VDOM, use the following command:

    config system global

    set management-vdom

    end

Checking FortiGuard filtering

  1. To test if FortiGuard is reachable, go to System > FortiGuard.

  2. Under Filtering, check Filtering Services Availability. If you don’t see a green check mark, select Check Again.

  3. If you still don’t see a green check mark, change the FortiGuard Filtering Port to the alternate port (8888). Select Apply and see if the services become available.

    Note

    If you're updating FortiGuard using a FortiManager, the FortiGuard Filtering Port can also be 80.

Testing the DNS

  1. To test if your DNS can reach FortiGuard, use the following CLI command:

    execute ping guard.fortinet.net

  2. If you can reach the address, run the following command:

    diagnose debug application update -1

    diagnose debug enable

    execute update-now

  3. If you can’t reach the address, go to System > DNS and verify that the settings are correct. Then run the PING test again.

Contacting Support

If you still can’t connect, contact Fortinet Support.

Previous
Next