r/fortinet

I am attempting to get alert email functioning on all of my FortiGate firewalls. For all of the smaller sites that are running standalone firewalls (not running high availability), this works flawlessly. For all of the firewalls that are running in HA pairs, however, this doesn't work at all.

I've attempted to troubleshoot using the instructions here: Troubleshooting Tip: Email alerts. I have tested using both the default FortiGuard SMTP settings as well as with a custom SMTP server.

The issue is this: when testing by enabling debug and generating a test email... nothing happens. There is zero debug output generated, which leads me to conclude that there was never even an attempt made to send the test email. When I run the same test email debugging on one of the working firewalls, I can immediately see the debug output as described in the documentation, even if I purposefully use incorrect SMTP settings to force the test to fail. Every supporting document that I have found describe what certain errors in the debug output might mean, but none that I have found have given a reason that no debug output would be generated at all.

I've also run a packet capture on the specified port when conducting this troubleshooting. Like with the debug output, on the working firewalls I could immediately see the email traffic in the capture, but with every firewall in HA - nothing.

Does anybody know what would cause these alerts to fail before they are even caught by the debug flow?

Heads up on this critical vulnerability tied to Forticlient EMS https://fortiguard.fortinet.com/psirt/FG-IR-26-099

FortiGate firewalls never even attempt to send email

Upgrade Forticlient via EMS