This article describes how to solve the license status ‘no license’ for Antispam and Virus Outbreak.
Solution
If the license status of the Antivirus/Antispam shows as ‘no license’, make sure the below ports are opened on the Firewall and there should not be any upstream devices blocking the traffic:
- FortiGuard Antispam rating queries: UDP/53, UDP/8888, TCP/53, TCP/443, TCP/8888.
- FortiGuard Antivirus push updates: UDP/9443.
- FortiGuard Antispam or Antivirus updates: TCP/443,TCP/8890.
All these ports need to be allowed on the firewall.
Note: Sometimes the upstream ISP or router will have to check on UDP port 53 traffic, and if it is not DNS traffic, it might block it.
It means that traffic could still be blocked after the firewall.
Therefore, other ports could be used except UDP/53 for Antispam traffic to bypass this kind of check.
If it is desired to check the port configuration on FortiMail, the following steps should be followed.
Step 1: From Gui, Go to the System > FortiGuard.
Step 2: Go to the Antivirus tab and change the port configuration using the FortiGuard server port section.
Or if it is needed to update for Antispam, go to the Antispam tab and change the port configuration using the FortiGuard server protocol and FortiGuard server port sections.
Check the following steps for Antivirus port configs.
Check the following steps for Antispam port configs.