Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
MAQ
Staff
Staff

Created on ‎11-11-2025 09:18 AM

Article Id 418274

Troubleshooting Tip: FortiManager GUI not accessible while CLI access remains functional

Description This article describes how to resolve an issue where the FortiManager web-based GUI becomes inaccessible under a specific configuration where it acts as a FortiGuard Distribution Server (FDS) for Web Filter rating.
Scope FortiManager 7.4.8 and earlier versions.
FortiManager 7.6.4 and earlier versions.
Solution

The FortiManager GUI becomes unresponsive and cannot be accessed, while CLI access remains functional. 

When the issue occurs, attempts to access the FortiManager GUI will fail. The following errors may be present in the browser:

 

FMG-GUI-error.png

 

FMG-GUI-lost-connection.png

This issue only occurs when all the following conditions are met:

  1. FortiManager is configured as an FDS server for connected FortiGates for Web Filter rating.
  2. No secondary IP address is configured on the FortiManager.
  3. The FortiManager FDS service is using the default port (TCP/443).
  4. The Apache web server on FortiManager is operating in event mode.

 

Solution:

To resolve the issue, break one of the conditions listed above. This article provides two primary methods:

 

Method #1: Configure a FortiManager Secondary IP Address and assign a dedicated IP for the FDS rating service.

 

FortiManager:


config system interface
    edit "port1"
        set ip 10.10.10.11 255.255.255.0
        set allowaccess ping https ssh snmp http webservice
        set serviceaccess fgtupdates fclupdates webfilter-antispam
        set rating-service-ip 10.10.10.21 255.255.255.0
        set type physical

    next
end


FortiGate:


FGT01 #config system central-management
    set type fortimanager
        config server-list
            edit 1

                set server-type update
                set server-address 10.10.10.11 
            next
            edit 2
                set server-type rating
                set server-address 10.10.10.21 
            next
        end
    end


Method 2: Change the Apache Web Server Mode to Prefork:


This method changes the web server's operation mode to resolve the issue


FMG #config system global
    set apache-mode prefork
end

 

This issue is resolved in FortiManager 7.4.9 & 7.6.5.

 

Related documents:
52
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.