I have two FortiGate (3240C) firewalls (v5.0.6 - 0271), both managed by a FortiManager (200D). I can access the web site on one of the FortiGates and can manage both of them from the FortiManager. However, on one of the FortiGates I can't access the web site at all to check it. I have checked that the ports are correct, 80 and 443, via the FortiManager.
When I try to connect to the firewall website I just get a message that the page can't be found.
What can I check or change to get the website back up and running on the FortiGate?
If you cannot access the fgt from SSH, try to remote connect using the CLI tunnel connection from the FortiManager.
Once connected to the affected FortiGate, perform a get system global on the CLI. Look for the lines admin-https-redirect, admin-port, and admin-sport, and confirm those settings are correct.
Next, perform show firewall vip | grep extport and see if any port 80 or 443 shows up. If there is, then it means there is a port-forward set up on the fgt using the same "admin ports" connections. You will need to change the admin ports to something else (e.g. 8080, 8443).
The only times I couldn't connect to a fgt at all (GUI or CLI) were when the fgt was behind double-NAT or the fgt was running in conserve mode.
As an alternative suggestion to connecting to the fgt, you can always check the config from the revision history.
Edit: You will want to upgrade the firmware on those fgt due to the Heartbleed exploit.
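The admin-port versus VIP extport check from the answer above can also be run offline against a config taken from the revision history. The following is an added example, not part of the original thread: the sample config is constructed, the function names are hypothetical, and it assumes admin-port and admin-sport fall back to the FortiOS defaults of 80 and 443 when the config does not list them.

```python
import re

# Constructed sample of a FortiGate config backup (not from the original thread).
SAMPLE_CONFIG = '''\
config system global
    set admin-sport 443
end
config firewall vip
    edit "web-https"
        set extip 198.51.100.10
        set portforward enable
        set extport 443
    next
    edit "app-range"
        set extip 198.51.100.10
        set portforward enable
        set extport 8000-8100
    next
end
'''

ADMIN_DEFAULTS = {"admin-port": 80, "admin-sport": 443}  # assumed defaults

def section(config, header):
    """Return the body of a top-level 'config <header>' ... 'end' block."""
    m = re.search(rf"^config {re.escape(header)}\n(.*?)^end$", config, re.M | re.S)
    return m.group(1) if m else ""

def admin_ports(config):
    ports = dict(ADMIN_DEFAULTS)  # settings left at default may be omitted
    for key, val in re.findall(r"set (admin-s?port) (\d+)", section(config, "system global")):
        ports[key] = int(val)
    return ports

def vip_extports(config):
    """Yield (vip_name, low, high) for each VIP; extport may be a range."""
    body = section(config, "firewall vip")
    for name, entry in re.findall(r'edit "([^"]+)"\n(.*?)^\s*next$', body, re.M | re.S):
        m = re.search(r"set extport (\d+)(?:-(\d+))?", entry)
        if m:
            low = int(m.group(1))
            yield name, low, int(m.group(2) or low)

def admin_port_conflicts(config):
    """List (setting, port, vip_name) where a VIP extport covers an admin port."""
    return [(key, port, name)
            for key, port in sorted(admin_ports(config).items())
            for name, low, high in vip_extports(config)
            if low <= port <= high]
```

A non-empty result names the VIP that is claiming the GUI port; extport ranges are included because a range can cover a relocated admin port such as 8080.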