Skip to main content
jcastellanos
Staff
jcastellanos
Staff
October 3, 2024

Troubleshooting Tip: Unexpected login from Fortiweb to the FortiGate

  • October 3, 2024
  • 0 replies
  • 189 views

 

Description This article describes how to prevent unexpected login into FortiGate coming from FortiWeb in case the Administrator is required to disable it.
Scope FortiWeb v7.2.X.
Solution

The FortiGate Administrator could report in event logs, the FortiGate user interface is accepting incoming connections from FortiWeb as a source.

 

logdesc="Admin login successful" user="testadmin" ui="https(172.10.15.20)" method="https" srcip=172.10.15.20 dstip=172.10.15.1 action="login" status="success" reason="none" profile="super_admin" msg="Administrator testadmin logged in successfully from https(172.10.15.20)"

 

The user wants to disable FortiWeb to attempt these connections. To disable the FortiWeb. try to initiate connections into the FortiGate, and ensure the next sections are disabled.


config system csf
    set status enable   <----- Change to disable.
    set upstream-ip 172.10.15.1 <----- Unset the configuration.
    set management-ip 172.10.15.1
    set management-port 9443
end

 

 

config system fortigate-integration
    set server 172.10.15.1  <----- Disable the server configuration, and unset the server.
    set port 9443
    set protocol HTTPS
    set username testadmin
    set password ENC
    set flag enable
end

 

Disabling the settings under these sections prevents Fortiweb from establishing HTTPS connections to the FortiGate GUI.

 

    Terms & ConditionsAccessibility statement