Thursday, July 26, 2012

New Filter Fun

I thought I would throw this out there for anyone that owns a Fortigate firewall appliance.

I had a Fortigate 300C (stock grill, custom rims) that seemed to be acting flaky but was nothing I could pinpoint.  Eventually, the flash disk would disappear from the configuration then re-appear out of the blue.  As time went on, the SQL database would corrupt and repairing it wasn't helping.  Soon, our web filter would randomly let folks get to certain places and not others (regardless of the actual filter settings).  I contacted Fortinet for an exchange.  The RMA process went very smoothly.  The subsequent unit install, however, did not.

Once the new unit was here (yesterday), I fired it up, used FortiExplorer to find it attached with a USB cable, and imported a backup config into the new unit. So far, so good.  Well, no, I forgot that I had to reboot the new unit at one point because it quit talking to my computer. I am sure that was operator error though.  Once the initial setup was complete, I used the old box to connect to Fortigate Support and convert the serial number to the new unit (they have an RMA exchange feature to do this - which, in a way, is a scary thought really). All seemed well.  I connected the new unit to our network, swapped cables and let it ride... to nowhere. The license did not transfer. I called tech support and they said it could be two hours before the license transfers. TWO HOURS!? Glad this isn't mission critical or anything.

Today, I fire up my computer and... nothing. I still can't go anywhere. I get into the unit and several licenses have updated, others have not - web filtering being one. I call tech support. Now they tell me it can be up to 24 hours before the license transfers. Seriously!?  She said, "We suggest you keep the old unit in place until the license transfers." Through clenched teeth, I said, "If the other unit was working, I wouldn't have needed the new one in the first place!"

We tried to force the unit to update. Nothing after 20 minutes. And then, it dawned on me:  The blocking message said that the license was expired and that pages may not be accessible with the filter enabled.  So, I disabled the web filtering, and TAH DAH - instantly updated the license.

I let the Fortinet tech department know that maybe they should consider including one bit of troubleshooting when a customer is doing an RMA transfer: Tell them to disable the web filter until the license transfer is complete.

File this away in case you have to RMA your Fortigate firewall/filter.
