Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Cannot acces via web interface

Hello, I was connected via web interface to our Fortinet 60B firewall, checking configuration when, suddenly, the web borwser lost the connection and afterwards I cannot acces to the firewall via web anyway. The error that shows me is that the server is lasting too much and I cannot access. I' ve tried to connect via console and I can perfectly. I did a reboot via console but this doesn' t work. Would be possible any configuration that I' ve changed by mistake that cannot let me access via web???? Thanks
18 REPLIES 18
rwpatterson
Valued Contributor III

Welcome to the forums. Anything is possible. Do you recall your last steps? Does it still seem to be passing traffic correctly? Is it in NAT/Route mode or transparent mode? Some good diagnostic commands from the CLI: To find the interface settings:
#show system interface
To find the admin source options:
#show system admin
To find the routing information:
#show router static
That should be enough to get you back on track. Good luck

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Not applicable

Hello! thanks for your helping. I' ve typed the commands and here is what it says: # show system interface config system interface edit " wan1" set vdom " root" set ip 192.168.1.10 255.255.255.0 set allowaccess ping https ssh set type physical set alias " OUT" next edit " wan2" set vdom " root" set allowaccess ping set status down set type physical next edit " dmz" set vdom " root" set status down set type physical next edit " internal" set vdom " root" set ip 192.168.2.1 255.255.255.0 set allowaccess ping https ssh http set type physical next end # show system admin config system admin edit " admin" set accprofile " super_admin" set vdom " root" config dashboard edit " sysinfo" set column 1 next edit " licinfo" set column 1 next edit " jsconsole" set column 1 next edit " sysop" set column 2 next edit " alert" set column 2 next edit " sysres" set column 2 next edit " statistics" set column 2 next end set password ENC AK1E**** next edit " mperez" set trusthost1 192.168.2.0 255.255.255.0 set accprofile " admin_monitor" set vdom " root" config dashboard edit " sysinfo" set column 1 next edit " licinfo" set column 1 next edit " jsconsole" set column 1 next edit " sysres" set column 1 next edit " sysop" set column 2 next edit " alert" set column 2 next edit " statistics" set column 2 next end set password ENC AK1T*** next edit " rabad" set accprofile " super_admin" set vdom " root" config dashboard edit " sysinfo" set column 1 next edit " licinfo" set column 1 next edit " jsconsole" set column 1 next edit " sysres" set column 1 next edit " sysop" set column 2 next edit " alert" set column 2 next edit " statistics" set column 2 next end set password ENC AK**** next edit " arista" set accprofile " super_admin" set vdom " root" config dashboard edit " sysinfo" set column 1 next edit " licinfo" set column 1 next edit " jsconsole" set column 1 next edit " sysres" set column 1 next edit " sysop" set column 2 next edit " alert" set column 2 next edit " statistics" set column 2 next end set password EN***** next end # show router static config router static edit 1 set device " wan1" set gateway 192.168.1.1 next end
rwpatterson
Valued Contributor III

From what it looks like, mperez can only get in from the internal interface, while the others can get in from WAN1 additionally. Access from internal should be http, https, ssh and ping. How are you trying to get into the device?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Not applicable

Hi rwpatterson!: I' m a JRuben mate and we are working together over same firewall. We use to login to firewall, user: " admin" , by http. But the problem is the graphical login interface is not shown in browser, the firewall is running and working perfectly. Is just we can' t access to graphical configuration interface . Thanx in advance! :D
rwpatterson
Valued Contributor III

Are you trying from the inside interface (internal) or the outside interface (WAN1)?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Not applicable

Hi: We are trying it from ' internal' .
rwpatterson
Valued Contributor III

Can you ping 192.168.2.1? If so, you should be able to browse in via HTTP or HTTPS. Are you on the interface subnet (192.168.2.0/24)?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Not applicable

Hi: I do ping 192.168.2.1 and it works I paste ipconfig from my lap: ==================================== C:\Documents and Settings\Vicente>ipconfig Configuración IP de Windows Adaptador Ethernet VMware Network Adapter VMnet8 : Sufijo de conexión específica DNS : Dirección IP. . . . . . . . . . . : 192.168.6.1 Máscara de subred . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada : Adaptador Ethernet VMware Network Adapter VMnet1 : Sufijo de conexión específica DNS : Dirección IP. . . . . . . . . . . : 192.168.44.1 Máscara de subred . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada : Adaptador Ethernet Conexiones de red inalámbricas : Estado de los medios. . . .: medios desconectados Adaptador Ethernet Conexión de área local : Sufijo de conexión específica DNS : CONTROLADOR Dirección IP. . . . . . . . . . . : 192.168.2.96 Máscara de subred . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada : 192.168.2.1 ======================================
rwpatterson
Valued Contributor III

What happens when you try to get to: 1) http://192.168.2.1 or 2) https://192.168.2.1 They should work

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors