Skip to main content
finnzi
finnzi
New Member
December 31, 2014
Solved

Webinterface unresponsive on a Fortigate 1500D

  • December 31, 2014
  • 1 reply
  • 88245 views

Howdy all,

 

Just got two Fortigate 1500D boxes.

 

Running v5.2.2,build0642,141118 (GA).

 

We configured the management interfaces on them and starting going through the web interface. However it suddenly seemed to stall/halt. Port 443 did accept connections but I was unable to retrieve anything (all existing sessions just seem to "hang").

 

The SSH interface was available and everything seemed to be functioning as expected except for the web interface.

 

We did reboot the boxes and regained access to the interface but I was just wondering if there was some way to restart the web interface without restarting the whole box ;-)?

 

Bgrds,

Finnur

Best answer by emnoc

You can kill the httpsd  daemon and it will restart. This should be the WebGUI daemon.

 

Execute the following;

 

get sys perf top

 

or

 

diag sys top

 

Find the pid # and then kill it using a unix signal 9 kill. It will restart automatically. FortiOS runs some type of self-auto restarts so you will always find a  few process that's always running regardless if your using them or not.

 

To kill it in a sudden death.

diag sys kill 9 <insert pid >

 

If the pid  is not shown in the running list, you can use the hidden fnsysctl cmd to find the last dump <pid> in the following local directory. This is a little more work  & requires you to be creative.

fnsysctl ls /var/run/

     and then cat out the  pid of interest;

fnsysctl cat  /var/run/<nameoftheprocess>.pid

 

TAC frowns on using the fnsysctl commands but it's an option.

 

FWIW: I would open a case with TAC and see what they say, but I had a similar problem where  https access was not working, we toggle the admin port under global sys and then back to a new port number and https started working correctly. I now run https web access on port 1443 since beta'ing 5.2 due to very weirdness and haven't had any issues ever since doing this.

 

ken

 

 

1 reply

emnoc
emnocAnswer
New Member
December 31, 2014

You can kill the httpsd  daemon and it will restart. This should be the WebGUI daemon.

 

Execute the following;

 

get sys perf top

 

or

 

diag sys top

 

Find the pid # and then kill it using a unix signal 9 kill. It will restart automatically. FortiOS runs some type of self-auto restarts so you will always find a  few process that's always running regardless if your using them or not.

 

To kill it in a sudden death.

diag sys kill 9 <insert pid >

 

If the pid  is not shown in the running list, you can use the hidden fnsysctl cmd to find the last dump <pid> in the following local directory. This is a little more work  & requires you to be creative.

fnsysctl ls /var/run/

     and then cat out the  pid of interest;

fnsysctl cat  /var/run/<nameoftheprocess>.pid

 

TAC frowns on using the fnsysctl commands but it's an option.

 

FWIW: I would open a case with TAC and see what they say, but I had a similar problem where  https access was not working, we toggle the admin port under global sys and then back to a new port number and https started working correctly. I now run https web access on port 1443 since beta'ing 5.2 due to very weirdness and haven't had any issues ever since doing this.

 

ken

 

 

finnzi
finnziAuthor
New Member
December 31, 2014

emnoc wrote:

You can kill the httpsd  daemon and it will restart. This should be the WebGUI daemon.

 

Execute the following;

 

 

get sys perf top

 

 

or

 

 

diag sys top

 

 

Find the pid # and then kill it using a unix signal 9 kill. It will restart automatically. FortiOS runs some type of self-auto restarts so you will always find a  few process that's always running regardless if your using them or not.

 

To kill it in a sudden death.

 

diag sys kill 9 <insert pid >

 

 

If the pid  is not shown in the running list, you can use the hidden fnsysctl cmd to find the last dump <pid> in the following local directory. This is a little more work  & requires you to be creative.

 

fnsysctl ls /var/run/

 

     and then cat out the  pid of interest;

 

fnsysctl cat  /var/run/<nameoftheprocess>.pid

 

 

TAC frowns on using the fnsysctl commands but it's an option.

 

FWIW: I would open a case with TAC and see what they say, but I had a similar problem where  https access was not working, we toggle the admin port under global sys and then back to a new port number and https started working correctly. I now run https web access on port 1443 since beta'ing 5.2 due to very weirdness and haven't had any issues ever since doing this.

 

ken

 

 

Great, thanks man!

 

Bgrds,

Finnur

Terms & ConditionsAccessibility statement