This article describes how to do FortiGuard updates in Transparent Mode.
Scope
FortiGate.
Solution
To fetch updates from FortiGuard servers in transparent mode, the FortiGate should have Internet access.
A management IP is assigned to FortiGate in transparent mode.
config system settings set opmode transparent set manageip <IP Address/Mask> end
Any interface on the FortiGate can be used for management access. As an example:
config system interface edit "wan1" set vdom "root" set allowaccess https ping http ssh snmp telnet set type physical set role wan set snmp-index 1 next end
A static route needs to be defined pointing towards the next-hop device.
config router static edit 1 set gateway <next-hop IP> (no option to define interface in transparent mode). next end
Internet access in transparent mode is needed to allow communication with FortiGuard servers and to fetch automatic updates for different services (such as FortiCare, Antivirus, IPS, Web Filter, etc.).