Skip to main content
fortiFWuser
Explorer III
June 16, 2022
Question

Https acces to the firewall

  • June 16, 2022
  • 3 replies
  • 2371 views

Hello, 

 

I have a new fortigate installed yesterday

Today at the morning i entered normally. 

 

Now that I am trying the page does not load and the login does not open

 

Any ideeas??

 

Thanks and regards, 

Konstantinos

3 replies

metz_FTNT
Staff
Staff
June 16, 2022

Hi Konstantinos,

 

First try to ping the IP to verify if network connectivity is ok.

Then SSH login, if you can SSH then check if http/https service is enabled on the interface

 

 

 

 

fortiFWuser
Explorer III
June 17, 2022

Hello, 

 

How do I check the service?

The thing is that i have this issue from the outside 

From internal net I can login normally. 

 

metz_FTNT
Staff
Staff
June 17, 2022

Hi,

 

On the interface facing internet check the allowaccess:

 

https://docs.fortinet.com/document/fortigate/6.0.0/handbook/909236/configuring-administrative-access-to-interfaces

 

Can you SSH from outside ?

Also, is public IP on the Fortigate ? Therefore no NAT and portforward required in front of it ?

 

 

fortiFWuser
Explorer III
June 17, 2022

The matter is sth with the http service 
Probably it was stuck

I could normally login from the inside
I could normally SSH from the outside

 

Only the https from the outside could not open

 

Contributor
June 17, 2022

Hi Konstantinos,
Here is your scenario:

Access from Internal - working

Access from outside - not working

 

1st, please verify as follow:

To configure protocols for administrative access to interfaces - GUI
  1. Go to Network > Interfaces.
  2. Select the interface that you want to configure administrative access for and select Edit.
  3. In the Administrative Access section, select the protocols that you want to allow an administrator to use to access the FortiGate. In your case, is HTTPS.
  4. Select OK.

2nd, please make sure you are using public IP for the WAN interface on Fortigate. Since you want to access from outside, this WAN interface should be reachable directly from outside.

Hope this help.