The steps required to connect to FortiGuard services are clearly explained in the FortiWeb Administration Guides which are available in the Fortinet Document Library.
This article provides a few basic troubleshooting steps if there are difficulties establishing the connection.
Solution
If there are difficulties in establishing the connection to FortiGuard and receiving updates, try an 'exec update-now' and wait at least an hour to be safe. If that does not work, proceed to the next steps.
1. Is there a static route on the FortiWeb to direct traffic to the upstream gateway?
2. Has the FortiWeb service contract(s) been registered on the support site for this unit? Keep in mind that the FortiWeb Security Service and AV Service are sold separately.
3. Is there an upstream device that is performing NAT? If in reverse-proxy mode we recommend that a NAT device is upstream.
4. Can the FortiWeb ping an external IP?: exec ping 8.8.8.8
5. Is the flash okay? Check the crashlog (diag deb cr re) and console output during reboot. May see output like this:
failed to create crash file: Read-only file system miglog_disk_create_upload_dir error
If that is the case backup the config if at all possible and try formatting the flash, reloading the firmware and config and try again.
6. Check the disk usage particularly for /var/log:
diagnose system mount list
If usage is high, for example 99%, format the log disk (this will require a reboot).
7. Perform a sniffer to see if the 443 and port 53 traffic is only egress and not ingress. Both these ports are required for FortiGuard services to work.
