Fix: Web Filter Service Error All Fortiguard Servers Failed to Respond

Several users who had FortiGate set up and running reported encountering the Web Filter Service Error: all Fortiguard servers failed to respond, and most websites were inaccessible, even the established ones.

Funnily, for a few, FortiGuard’s official website was blocked, too

The problem usually arises when there’s a change in the DNS server, FortiGate tries to connect only to IPv6 addresses, or if you have poorly set filtering and rating settings. 

How do I fix Web Filter Service Error all fortiguard servers failed to respond?

1. Change the DNS server

1. Open the dashboard, expand the Network tab from the left pane, and select DNS.
2. Head to the Specify tab to use another DNS server instead of the default FortiGuard server.
3. Enter the following in the text field:
   • Primary DNS Server: 8.8.8.8
   • Secondary DNS Server: 8.8.4.4
4. Provide a local domain name, and click Apply to save the changes.

Changing the DNS server helps eliminate several network-related issues, including Unable to connect to FortiGuard servers.

2. Disable anycast

For many users, disabling FortiGuard – anycast worked when content filtering wasn’t optimal, or they came across the FortiGuard webfilter services are not reachable error.

To do that, use the following CLI (Command Line Interface):

config system fortiguard
      set fortiguard-anycast disable
      set protocol udp
      set port 8888
      set sdns-server-ip 208.91.112.220
end

Once done, the websites should open properly. This method worked in 4 out of 5 instances of the error we came across.

3. Turn on Allow websites when a rating error occurs

1. Open the dashboard, go to Security Profiles from the navigation pane, and select Web Filter.
2. Now, enable the toggle for Allow websites when a rating error occurs and save the changes.

4. Configure the update server location

1. Open the Fortigate dashboard, expand System from the left, and select FortiGuard.
2. Scroll down the FortiGuard Updates section, choose Restrict to next to Update server location and then select EU only.
3. Save the changes, and check for improvements.

5.  Contact Fortinet support

If nothing else works, it’s best that you contact Fortinet support and ask for a resolution because it’s most likely a setup-specific problem.

Apply the changes they recommend, or wait for an update to get things up and running.

These are all the ways you can fix the Web Filter Service Error all FortiGuard servers failed to respond issue in no time. Remember, based on our research, it generally turned out to be some misconfiguration at the user’s end. So verify that before you contact the support team.

A few even reported issues with the VPN, where Fortinet VPN locks out after 1 failed attempt, and here, too, the command line interface comes to the rescue!

For any queries or to share more solutions with us, drop a comment below.