Created on 10-08-2004 12:00 AM Edited on 06-03-2022 09:07 AM By Anthony_E
Article
Description |
This article describes how to diagnose anti virus engine and antivirus definition update issues. If the antivirus engine or antivirus definition version says '0.00' contact the local Fortinet Support site. |
Fortinet Products | All FortiGates.. |
Steps |
Before contacting Technical Support, verify the following settings:
- A valid DNS server has been configured for the FortiGate unit. Try the CLI command exec ping service.fortiguard.net. The FortiGate should be able to resolve the DNS name to an IP. Note that if a host behind the FortiGate is able to resolve DNS name does not necessarily mean that the FortiGate can since the two can be configured with different DNS servers. - The FortiGate unit has a valid default gateway set. Try pinging a public Internet address to test the default gateway.
Try the following connectivity tests: 2) Verify that the FortiGate unit can contact the secondary Fortinet Distribution Network (FDN) server by pinging the server from the command line interface (CLI). Enter exec ping fds1.Fortinet.com.
3) If the secondary server responds to the ping, the specific update traffic may be blocked in the network. In Transparent mode, the Management IP should be mapped to a routable IP.
Look for the following protocols which the FortiGate unit uses to connect to the FDN:
- TCP/443 port is used for the SSL connection to retrieve the updates.
- UDP/9443 is for receiving PUSH announcements.
5) The FortiGate has a diagnose command to monitor the traffic on an interface. Enter:
1) Log in to the FortiGate CLI using a console cable or Telnet/SSH session.
# dia debug app up 3
3) From the web based manager, select Update Now on the system update page.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.