Fortigate 40F fortiguard-log issue

salassilvaj · ‎03-13-2024

Community

Following issue showed a wrong connection to Fortiguard-log server, password is correct and worked properly with another Fortigate device, diagnose log is activate:

FORTI-40F # execute fortiguard-log login xxxMAILxxx xxxPWDxxx
2024-03-13 12:52:46 [643] fds_https_stop_server: 173.243.143.6:443
2024-03-13 12:52:46 [205] __ssl_data_ctx_free: Done
2024-03-13 12:52:46 [1047] ssl_free: Done
2024-03-13 12:52:46 [197] __ssl_cert_ctx_free: Done
2024-03-13 12:52:46 [1057] ssl_ctx_free: Done
2024-03-13 12:52:46 [1038] ssl_disconnect: Shutdown
2024-03-13 12:52:46 [554] fds_https_timeout: Connection timed out, svr=Forticlient-svr
2024-03-13 12:52:46 [246] fds_svr_default_on_error: Forticlient-svr: ip=173.243.143.6:443, reason=4
2024-03-13 12:52:46 [263] fds_svr_default_on_error: Forticlient-svr: Conn failes 1/2
2024-03-13 12:52:46 [145] fds_svr_default_pickup_server: Forticlient-svr: [2620:101:9000:143:173:243:143:6]:443
Failed: FGT internal error(-1)
Command fail. Return code 5

FORTI-40F # 2024-03-13 12:52:56 [643] fds_https_stop_server: [2620:101:9000:143:173:243:143:6]:443
2024-03-13 12:52:56 [145] fds_svr_default_pickup_server: Forticlient-svr: 173.243.143.6:443
2024-03-13 12:52:56 [589] fds_https_start_server: server: 173.243.143.6:443
2024-03-13 12:52:56 [590] fds_https_start_server: source-ip: 0.0.0.0:0
2024-03-13 12:52:56 [114] __ssl_cert_ctx_load: Added cert /etc/cert/factory/root_Fortinet_Factory.cer, root ca Fortinet_CA, idx 0 (default)
2024-03-13 12:52:56 [482] ssl_ctx_use_builtin_store: Loaded Fortinet Trusted Certs
2024-03-13 12:52:56 [488] ssl_ctx_use_builtin_store: Enable CRL checking.
2024-03-13 12:52:56 [495] ssl_ctx_use_builtin_store: Enable OCSP Stapling.
2024-03-13 12:52:56 [767] ssl_ctx_create_new: SSL CTX is created
2024-03-13 12:52:56 [794] ssl_new: SSL object is created
2024-03-13 12:52:56 [86] https_create: proxy server 0.0.0.0 port:0
2024-03-13 12:52:56 [206] forticldd_add_hostname_check: Add hostname checking 'globalfctupdate.fortinet.net'
2024-03-13 12:52:56 [573] __tcps_tcp_start_connect: sockfd=11, server=173.243.143.6:443, use_harelay=0, use_proxy=0
2024-03-13 12:52:56 [577] __tcps_tcp_start_connect: ret=-1
2024-03-13 12:52:56 [582] __tcps_tcp_start_connect: errno=115(Operation now in progress)
2024-03-13 12:52:56 [870] tcps_connect: 173.243.143.6:443 -- ret 0, state 0x0(Intialized) -> 0x11(Connecting)

FORTI-40F# execute ping service.fortiguard.net
PING guard.fortinet.net (12.34.97.71): 56 data bytes
^C
--- guard.fortinet.net ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

Consider all fortiguard pool /24 are staticly routed to internet connection, and other devices can reach fortiguard domain with same routing. DNS is set to 8.8.8.8.

Jonathan Salas

hbac · ‎03-14-2024

Hi @salassilvaj,

Can you make sure that FortiGate serial number is registered under the same email that you are trying to login with?

You also need to specify domain when trying to login. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-Logging-in-to-FortiCloud-from-FortiGate-CL...

Regards,

View solution in original post

hbac · ‎03-14-2024

Hi @salassilvaj,

Can you make sure that FortiGate serial number is registered under the same email that you are trying to login with?

You also need to specify domain when trying to login. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-Logging-in-to-FortiCloud-from-FortiGate-CL...

Regards,

salassilvaj · ‎03-14-2024

This topic is under another trail similar subject, tyvm by your feedback

Jonathan Salas