Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
asengar
Staff
Staff

Created on ‎08-10-2023 11:54 PM Edited on ‎08-13-2023 10:33 AM By Moderator

Article Id 268395

Troubleshooting Tip: Unable to access the firewall from GUI and in monitoring portal it reflects CPU usage as 99.9 %

Description This article describes when the FortiGate is not accessible from GUI and in the putty access, it shows high CPU Utilization.
Scope FortiGate.
Solution

When the firewall is accessible from the SSH via putty but not through the GUI, a check in PuTTY may reveal that the httpsd daemon is consuming high resources, causing the issue.

The httpsd daemon is necessary for the HTTPS server for the GUI access of the FortiGate to present the user interface in the browser.


When attempting to gain the GUI access of the firewall after the TCP handshake, the SSL handshake triggers with the certificate configured in 'admin-server-cert' in the global setting.


If the httpsd is consuming high resources and the GUI is not accessible, take the HTTPS to debug and observe the error as shown in the below picture.


diagnose debug application httpsd -1
diagnose debug enable

 

https-debug.png

 

If the error matches the above screenshot, check the admin-server-cert in the settings:

 

config sys global
    set admin-server-cert <>
end

 

If no admin-server was called, configure the admin certificate as Fortinet_Factory. After making these changes, the CPU utilization will lower to normal and the FortiGate GUI will become accessible.
894
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.