Hot!FortiOS 6.4.1 FortiGuard Filtering Services only use HTTPS/443

Author
Clarkey1891
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/07/30 17:14:03
  • Status: offline
2020/07/30 17:31:34 (permalink)
0

FortiOS 6.4.1 FortiGuard Filtering Services only use HTTPS/443

I thought this might be helpful for others to know
 
So the issue we were having was that in 6.2.3 we were able to use port 8888 for the FortiGuard Filtering Services. But once we upgraded to 6.4.1 it was only to use 443.

config system fortiguard
set protocol HTTPS(Would not allow change to UDP)
set port 443(Would not allow change to any other port)
 
The error we would get for "set protocol udp" was
 
command parse error before 'udp'
command fail. Return code -61
 
And similarly the error we would get for "set port 8888" was
 
command parse error before '8888'
command fail. Return code -61
 
So it turns out that after speaking to one of the Enterprise Solution Architects the issue use fixed by changing
 
config system fortiguard
set fortiguard-anycast enable

to

config system fortiguard
set fortiguard-anycast disable

then we were able to make the settings this (Details Omitted with *)
config system fortiguard
set protocol udp
set port 8888
set fortiguard-anycast disable
set proxy-server-ip *.*.*.*
set proxy-server-port 3128
set proxy-username *
set proxy-password *

So long story short if "fortiguard-anycast" is set to "enable" on 6.4.1 the only option for "FortiGuard Filtering Services" is HTTPS/443 but with it set to "disable" UDP and the other port (eg. 8888) become options you can set in the CLI
#1
sw2090
Expert Member
  • Total Posts : 824
  • Scores: 60
  • Reward points: 0
  • Joined: 2017/06/14 01:27:25
  • Location: Regensburg
  • Status: offline
Re: FortiOS 6.4.1 FortiGuard Filtering Services only use HTTPS/443 2020/07/30 23:24:19 (permalink)
0
I am looking at this wondering since Fortinet did recomend port 8888/udp in the release notes of 6.2.x ...
#2
lobstercreed
Platinum Member
  • Total Posts : 345
  • Scores: 43
  • Reward points: 0
  • Joined: 2018/11/28 14:57:58
  • Location: Sedalia, MO
  • Status: offline
Re: FortiOS 6.4.1 FortiGuard Filtering Services only use HTTPS/443 2020/07/31 00:21:41 (permalink)
0
I bumped up against this with one of the several tickets I had to open on 6.4.1 and the first tech didn't know this.  Just learned this week about this configuration.  Thanks for putting it out there!
#3
Jump to:
© 2020 APG vNext Commercial Version 5.5