Description
This article describes that after changing the gateway IP and eth0/Port1 IP from the FortiNAC CLI, Admin UI is not accessible while ssh is still accessible.
Scope
FortiNAC and FortiNAC-F.
Solution
The main reason for such an issue could be the IP changes on the interface were made through the CLI, however, it is preferred to make any sort of IP changes in the ConfigWizard from FortiNAC GUI. When config Wizard is not used to make such changes, the '.networkConfig' file does not get properly updated as it should, which can cause this issue.
Troubleshooting steps:
- Check the default gateway and port1 configuration and see whether everything is properly configured.
- Check and verify that allowaccess has been set for https-adminui on port1.
- Check to verify the routing table.
Use the command:
route -n
- Ping the gateway and port 1 IP from FortiNAC, both should be reachable.
execute ping < IP>
- Check if the required processes are running or not. Use the following command:
jps
- If all required processes are not running check the logs:
- Switch to logs directory.
- Enter the command: tf output.processManager and check the logs to find what could be causing the issue (most probably there will be a mismatch of IPs).
- Check the .networkConfig file to see if the changes made on the interfaces through CLI are also updated in this file. The '.networkConfig' file can be found here: /bsc/campusMgr/bin/.networkConfig. Run the following:
cat .networkConfig
- Check and verify whether the changes made on the interface through CLI are also updated in this file or not.
- If the file was not properly updated, update the file. Run the below commands and make the appropriate changes.
vi .networkConfig
Press 'r' and replace the necessary.
Press ':wq!' to write and escape the file.
- Now restart NAC. Use the following command:
startupNAC - The Admin UI should now be accessible.
