Scribd
Upload
71 views6 pages

Ut

This FortiGate firewall is running version 7.0.3 of the firmware. It is experiencing connectivity issues reaching Fortinet update servers, as multiple attempts to update security databases and other components failed with timeout errors. The firewall's security databases are out of date, with the most recent updates occurring in November 2020.

Uploaded by

Alwis Syalman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
71 views6 pages

Ut

This FortiGate firewall is running version 7.0.3 of the firmware. It is experiencing connectivity issues reaching Fortinet update servers, as multiple attempts to update security databases and other components failed with timeout errors. The firewall's security databases are out of date, with the most recent updates occurring in November 2020.

Uploaded by

Alwis Syalman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 6

DSRB-S-FW-1 # get system status

Version: FortiGate-100E v7.0.3,build0237,211207 (GA)


Firmware Signature: certified
Virus-DB: 81.00908(2020-11-17 17:20)
Extended DB: 81.00908(2020-11-17 17:20)
AV AI/ML Model: 0.00000(2001-01-01 00:00)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 0.00000(2001-01-01 00:00)
APP-DB: 6.00741(2015-12-01 02:30)
INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
IPS Malicious URL Database: 2.00831(2020-11-17 04:54)
Serial-Number: FG100ETK18038839
BIOS version: 05000008
System Part-Number: P18827-04
Log hard disk: Not available
Hostname: DSRB-S-FW-1
Private Encryption: Disable
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 0237
Release Version Information: GA
System time: Wed Feb 9 19:06:21 2022
Last reboot reason: warm reboot

DSRB-S-FW-1 # get router info routing-table all


Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default

Routing table for VRF=0


S* 0.0.0.0/0 [10/0] via 10.41.0.181, wan1
S 10.0.0.0/8 [10/0] via 10.41.0.181, wan1
S 10.41.0.0/16 [10/0] via 10.41.2.254, lan
C 10.41.0.0/24 is directly connected, wan1
C 10.41.1.0/24 is directly connected, VL301
C 10.41.2.0/24 is directly connected, lan
S 49.231.172.250/32 [5/0] via 58.82.131.1, wan2
C 58.82.131.0/27 is directly connected, wan2
S 192.168.99.5/32 [10/0] via 10.41.0.181, wan1
S 192.168.99.6/32 [10/0] via 10.41.0.181, wan1
S 192.168.99.11/32 [10/0] via 10.41.0.181, wan1

DSRB-S-FW-1 # diag debug enable

DSRB-S-FW-1 # diag debug application update -1


Debug messages will be on for 26 minutes.

DSRB-S-FW-1 # execute update-now

DSRB-S-FW-1 #
DSRB-S-FW-1 # tcp_connect_fds[256]-select() timed out
upd_comm_connect_fds[469]-Failed TCP connect
upd_comm_connect_fds[455]-Trying FDS 173.243.138.66:443

DSRB-S-FW-1 # tcp_connect_fds[256]-select() timed out


upd_comm_connect_fds[469]-Failed TCP connect
upd_comm_connect_fds[455]-Trying FDS 208.184.237.66:443
tcp_connect_fds[256]-select() timed out
upd_comm_connect_fds[469]-Failed TCP connect
do_check_wanip[770]-Failed getting wan ip
upd_daemon[1789]-Received update now request
upd_daemon[1603]-Found cached action=00000002
do_update[608]-Starting now UPDATE (final try)
__update_upd_comp_by_settings[465]-Disabling AVEN/FLEN/NIDSDB/FLDB/APPDB/ISDB
components.
upd_fds_load_default_server6[1038]-Resolve and add fds update.fortiguard.net ipv6
address failed.
upd_comm_connect_fds[455]-Trying FDS 173.243.138.67:443

DSRB-S-FW-1 # tcp_connect_fds[256]-select() timed out


upd_comm_connect_fds[469]-Failed TCP connect
upd_comm_connect_fds[455]-Trying FDS 173.243.138.66:443

DSRB-S-FW-1 # tcp_connect_fds[256]-select() timed out


upd_comm_connect_fds[469]-Failed TCP connect
upd_comm_connect_fds[455]-Trying FDS 208.184.237.66:443

DSRB-S-FW-1 # tcp_connect_fds[256]-select() timed out


upd_comm_connect_fds[469]-Failed TCP connect
do_update[615]-UPDATE failed
do_check_wanip[766]-Starting getting wan ip
upd_fds_load_default_server6[1038]-Resolve and add fds update.fortiguard.net ipv6
address failed.
upd_comm_connect_fds[455]-Trying FDS 173.243.138.67:443
tcp_connect_fds[256]-select() timed out
upd_comm_connect_fds[469]-Failed TCP connect
upd_comm_connect_fds[455]-Trying FDS 173.243.138.66:443

DSRB-S-FW-1 # tcp_connect_fds[256]-select() timed out


upd_comm_connect_fds[469]-Failed TCP connect
upd_comm_connect_fds[455]-Trying FDS 208.184.237.66:443

DSRB-S-FW-1 # tcp_connect_fds[256]-select() timed out


upd_comm_connect_fds[469]-Failed TCP connect
do_check_wanip[770]-Failed getting wan ip

DSRB-S-FW-1 # do_setup[340]-Starting SETUP


upd_fds_load_default_server6[1038]-Resolve and add fds update.fortiguard.net ipv6
address failed.
upd_comm_connect_fds[455]-Trying FDS 173.243.138.67:443
tcp_connect_fds[256]-select() timed out
upd_comm_connect_fds[469]-Failed TCP connect
upd_comm_connect_fds[455]-Trying FDS 173.243.138.66:443

DSRB-S-FW-1 # diag debug dis

DSRB-S-FW-1 # diag debug rating


Locale : english
Service : Web-filter
Status : Disable

Service : Antispam
Status : Disable

Service : Virus Outbreak Prevention


Status : Disable

DSRB-S-FW-1 # get system fortiguard-service status


NAME VERSION LAST UPDATE METHOD EXPIRE
AV Engine 6.266 2021-08-24 17:00:00 manual 2021-06-29 23:59:59
Virus Definitions 81.908 2020-11-18 08:50:56 scheduled 2021-06-29 23:59:59
Extended set 81.908 2020-11-18 08:50:56 scheduled 2021-06-29 23:59:59
AI/Machine Learning Malware Detection Model 0.000 2001-01-01 00:00:00 manual
n/a
Flow-based Virus Definitions 81.908 2020-11-18 08:50:56 scheduled 2021-06-29
23:59:59
Attack Definitions 6.741 2020-11-18 02:50:57 scheduled 2021-06-29 23:59:59
Attack Extended Definitions 0.000 2001-01-01 00:00:00 manual 2021-06-29
23:59:59
IPS Malicious URL Database 2.831 2020-11-17 20:51:28 scheduled 2021-06-29
23:59:59
IPS/FlowAV Engine 7.043 2021-10-05 01:33:00 manual 2021-06-29 23:59:59
IPS Config Script 1.009 2019-06-06 14:02:00 manual 2021-06-29 23:59:59
Application Definitions 6.741 2020-11-18 02:50:57 scheduled 2021-06-29 23:59:59
Industrial Attack Definitions 6.741 2015-12-01 02:30:00 manual n/a

DSRB-S-FW-1 # diagnose autoupdate versions

AV Engine
---------
Version: 6.00266
Contract Expiry Date: Tue Jun 29 2021
Last Updated using manual update on Tue Aug 24 17:00:00 2021
Last Update Attempt: Wed Nov 18 08:50:56 2020
Result: No Updates

Virus Definitions
---------
Version: 81.00908
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Wed Nov 18 08:50:56 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

Extended set
---------
Version: 81.00908
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Wed Nov 18 08:50:56 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

Mobile Malware Definitions


---------
Version: 81.00908
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Wed Nov 18 08:50:56 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

IPS Attack Engine


---------
Version: 7.00043
Contract Expiry Date: Tue Jun 29 2021
Last Updated using manual update on Tue Oct 5 01:33:00 2021
Last Update Attempt: Wed Nov 18 08:50:56 2020
Result: No Updates

IPS Config Script


---------
Version: 1.00009
Contract Expiry Date: Tue Jun 29 2021
Last Updated using manual update on Thu Jun 6 14:02:00 2019
Last Update Attempt: Wed Nov 18 08:50:56 2020
Result: No Updates

Attack Definitions
---------
Version: 6.00741
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Wed Nov 18 02:50:57 2020
Last Update Attempt: Wed Nov 18 08:50:56 2020
Result: No Updates

Attack Extended Definitions


---------
Version: 0.00000
Contract Expiry Date: Tue Jun 29 2021
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Fri Aug 28 01:22:57 2020
Result: Connectivity failure

Application Definitions
---------
Version: 6.00741
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Wed Nov 18 02:50:57 2020
Last Update Attempt: Wed Nov 18 08:50:56 2020
Result: No Updates

Industrial Attack Definitions


---------
Version: 6.00741
Contract Expiry Date: n/a
Last Updated using manual update on Tue Dec 1 02:30:00 2015
Last Update Attempt: n/a
Result: Updates Installed

IPS Malicious URL Database


---------
Version: 2.00831
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Tue Nov 17 20:51:28 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure
Flow-based Virus Definitions
---------
Version: 81.00908
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Wed Nov 18 08:50:56 2020
Last Update Attempt: Wed Nov 18 08:50:56 2020
Result: Updates Installed

Botnet Domain Database


---------
Version: 2.00623
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Wed Nov 18 06:50:50 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

Internet-service Database
---------
Version: 0.00000
Contract Expiry Date: n/a
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

Device and OS Identification


---------
Version: 1.00123
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Thu Nov 5 08:51:49 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

URL Allow list


---------
Version: 2.00960
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Wed Nov 18 02:50:57 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

IP Geography DB
---------
Version: 3.00041
Contract Expiry Date: n/a
Last Updated using manual update on Thu Oct 17 12:05:00 2019
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

Certificate Bundle
---------
Version: 1.00029
Contract Expiry Date: n/a
Last Updated using manual update on Wed Oct 6 17:00:00 2021
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

Malicious Certificate DB
---------
Version: 1.00294
Contract Expiry Date: Tue Jun 29 2021
Last Updated using scheduled update on Tue Nov 17 06:50:55 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

Mac Address Database


---------
Version: 1.00033
Contract Expiry Date: n/a
Last Updated using manual update on Wed Oct 14 15:21:00 2020
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

AntiPhish Pattern DB
---------
Version: 0.00000
Contract Expiry Date: n/a
Last Updated using manual update on Tue Nov 30 00:00:00 1999
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

AI/Machine Learning Malware Detection Model


---------
Version: 0.00000
Contract Expiry Date: n/a
Last Updated using manual update on Mon Jan 1 00:00:00 2001
Last Update Attempt: Wed Feb 9 19:12:49 2022
Result: Connectivity failure

Modem List
---------
Version: 0.000

FDS Address
---------

DSRB-S-FW-1 # exe telnet 173.243.138.66 443


Trying 173.243.138.66...
Timeout!
Failed to connect to specified unit.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy