Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
dan231
New Contributor

Admin portal issue

This is strange and I can't find any solution yet.

 

When I type in the addres bar https://firewallIP

Sometimes I get the FW and sometimes I get a cisco asa

When it is the fortigate, it'll login, but then freeze if I try to browse any page or go into any configuration.

 

Is there a misconfiguration somewhere?  The IP is not in use anywhere that I know of as the last time it was used is on the last firewall I had.

 

Currently, I have a laptop direct connected for all admin access.

8 REPLIES 8
NotMine
Contributor

Do your users have any problem going out to the Internet, or wherever they are supposed to go, thru the FortiGate?

 

I would presume there is an ASA in your network with the same IP address. That is, if you are typing an IP address in the address field.

 

If you are typing an FQDN (for example fortigate.yourdomain.local), then maybe you have a duplicate DNS record in your DNS server/hosts file.

NSE 7

All oppinions/statements written here are my own.

NSE 7 All oppinions/statements written here are my own.
dan231
New Contributor

interesting....If I add a DNS name entry, the IP issue shouldn't change, correct?

 

And no, all users get out just fine.

I will also confirm with some vendors on the ASA IPS.

 

 

support12
New Contributor III

 

Its better use the ip  https://10.20.1.2   dont use names or fqn,,,

NotMine

If there is an ASA in your network anywhere, I would suggest checking its IP addresses.

 

Also, have you tried connecting from different computers?

NSE 7

All oppinions/statements written here are my own.

NSE 7 All oppinions/statements written here are my own.
dan231

Same on all pcs.

What if I use the Wan2 secondary IP.

 

I'm not sure what that even does internally.I'm thinking of assigning it a non-ever used IP - or would that potentially kill/disrupt my existing traffic?

rwpatterson
Valued Contributor III

From a command prompt, ping that IP then check the arp table.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
dan231
New Contributor

Found it!  A vendor did in fact have that IP in play.

Unplugged the ASA (until they can get in to update) and I am working as intended now.

 

Thank you to all!

rwpatterson
Valued Contributor III

Great news. That sounded about right to us. Glad you found it.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Labels
Top Kudoed Authors