Cannot access the FortiAnalyzer web admin interface (GUI)

Armando_Gomez_Barrio · ‎05-26-2017

hi, good morning, I am facing a serious problem with a FortiAnalyzer.. I can not access by https after a very strong storm in the CDMX. I hava accees by ping, ssh and telnet but not by https I need help please,

Armando Gómez

scao_FTNT · ‎05-26-2017

what is the FAZ version? can you provide "diagnose system print df" and "diagnose system process list" and "exec top"

Thanks

Simon

Armando_Gomez_Barrio · ‎05-26-2017

I share the configuration

Thanks

# diagnose system print certificate Print IPSec certificate. cpuinfo Print CPU information. df Print file system disk space usage. hosts Print static table lookup for host names. interface Print information of interface. loadavg Print average load of system. netstat Print network statistics. partitions Print partition information of system. route Print main route list. rtcache Print contents of routing cache. slabinfo Print slab allocator statistics. sockets Print currently used socket ports. uptime Print how long system has been running.

# diagnose system print df Filesystem 1K-blocks Used Available Use% Mounted on none 11836536 0 11836536 0% /dev/shm none 65536 24 65512 0% /tmp /dev/sdb1 253871 63407 190464 25% /data /dev/sda 3844656208 1493703620 2350952588 39% /var /dev/sda 3844656208 1493703620 2350952588 39% /drive0 /dev/sda 3844656208 1493703620 2350952588 39% /Storage /dev/loop0 9911 1121 8278 12% /var/dm/tcl-root

# diagnose system process list PID USER VSZ STAT COMMAND 1 root 152m S /bin/initXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 2 root 0 SW [kthreadd] 3 root 0 SW [ksoftirqd/0] 4 root 0 SW [kworker/0:0] 5 root 0 SW [kworker/u:0] 6 root 0 SW [migration/0] 7 root 0 SW [migration/1] 8 root 0 SW [kworker/1:0] 9 root 0 SW [ksoftirqd/1] 10 root 0 SW [kworker/0:1] 11 root 0 SW [migration/2] 12 root 0 SW [kworker/2:0] 13 root 0 SW [ksoftirqd/2] 14 root 0 SW [migration/3] 15 root 0 SW [kworker/3:0] 16 root 0 SW [ksoftirqd/3] 17 root 0 SW [migration/4] 19 root 0 SW [ksoftirqd/4] 20 root 0 SW [migration/5] 21 root 0 SW [kworker/5:0] 22 root 0 SW [ksoftirqd/5] 23 root 0 SW [migration/6] 24 root 0 SW [kworker/6:0] 25 root 0 SW [ksoftirqd/6] 26 root 0 SW [migration/7] 27 root 0 SW [kworker/7:0] 28 root 0 SW [ksoftirqd/7] 29 root 0 SW< [khelper] 30 root 0 SW< [pm] 31 root 0 SW [sync_supers] 32 root 0 SW [bdi-default] 33 root 0 SW< [kintegrityd] 34 root 0 SW< [kblockd] 35 root 0 SW< [kacpid] 36 root 0 SW< [kacpi_notify] 37 root 0 SW< [kacpi_hotplug] 38 root 0 SW< [ata_sff] 39 root 0 SW [khubd] 40 root 0 SW [kseriod] 41 root 0 SW [kswapd0] 42 root 0 SW [fsnotify_mark] 43 root 0 SW< [crypto] 61 root 0 SW [kworker/u:1] 62 root 0 SWN [kipmi0] 63 root 0 SW [scsi_eh_0] 64 root 0 SW< [megasas_ocr] 65 root 0 SW [kworker/6:1] 66 root 0 SW [kworker/1:1] 67 root 0 SW [kworker/4:1] 68 root 0 SW [kworker/3:1] 69 root 0 SW [kworker/5:1] 70 root 0 SW [kworker/7:1] 71 root 0 SW [kworker/2:1] 72 root 0 SW [scsi_eh_1] 73 root 0 SW [usb-storage] 76 root 0 SW [kjournald] 87 root 0 SW [jbd2/sda-8] 88 root 0 SW< [ext4-dio-unwrit] 91 root 0 SW [flush-8:0] 165 root 0 SW< [loop0] 167 root 111m S /bin/cmdbsvr 240 root 0 SW [kworker/4:2] 349 root 70628 S /bin/dns 350 root 9076 S {pyfcgid} /bin/sh /bin/pyfcgid 352 root 167m S gui control 359 root 58276 S /bin/python -B /usr/local/lib/python2.6/proj/manage.py runfcgi socket=/tmp/fcgi.sock pidfile=/tmp/django.pid maxspare=5 maxchildren=5 daemoniz 360 root 58276 S /bin/python -B /usr/local/lib/python2.6/proj/manage.py runfcgi socket=/tmp/fcgi.sock pidfile=/tmp/django.pid maxspare=5 maxchildren=5 daemoniz 361 root 58276 S /bin/python -B /usr/local/lib/python2.6/proj/manage.py runfcgi socket=/tmp/fcgi.sock pidfile=/tmp/django.pid maxspare=5 maxchildren=5 daemoniz 362 root 58276 S /bin/python -B /usr/local/lib/python2.6/proj/manage.py runfcgi socket=/tmp/fcgi.sock pidfile=/tmp/django.pid maxspare=5 maxchildren=5 daemoniz 363 root 58276 S /bin/python -B /usr/local/lib/python2.6/proj/manage.py runfcgi socket=/tmp/fcgi.sock pidfile=/tmp/django.pid maxspare=5 maxchildren=5 daemoniz 364 root 58276 S /bin/python -B /usr/local/lib/python2.6/proj/manage.py runfcgi socket=/tmp/fcgi.sock pidfile=/tmp/django.pid maxspare=5 maxchildren=5 daemoniz 368 root 158m S svc main 369 root 72108 S /bin/dvmcore 370 root 7844 S /bin/telnetd -h 371 root 77440 S /usr/sbin/sshd -D 372 root 152m S dvmcmd control 373 root 76236 S /bin/merged_daemons 374 root 152m S securityconsole 375 root 160m S dmserver 376 root 166m S dmworker 377 root 106m S /bin/fgfmd 378 root 71980 S /bin/ddmd 379 root 72652 S /bin/alertmail 380 root 71392 S /bin/alertd 381 root 71476 S < /bin/ntpd 382 root 153m S scheduled 383 root 96036 S /bin/snmpd 386 root 254m S FortiManagerWS 387 root 5760 S /bin/cron 389 root 13800 S /bin/racoon -F -f /etc/racoon.conf 390 root 65636 S /bin/hwmonitor 391 root 91736 S N /bin/cpumemond 392 root 80852 S /bin/fdsdevlist 393 root 73484 S /fdsroot/bin/fdsinit --launch 394 root 65632 S /bin/fwmevlogd 395 root 82136 S /bin/fwmsg_server 396 root 81912 S /bin/fwmlinkd 397 root 82080 S /bin/fwmupd 398 root 66676 S /bin/webconsoled 399 root 153m S srchd 412 root 158m S svc dvmdb reader 413 root 158m S svc dvmdb writer 414 root 158m S svc task reader 415 root 158m S svc task writer 416 root 158m S svc ncmdb reader 417 root 158m S svc ncmdb writer 418 root 158m S svc cmdb reader 420 root 158m S svc cmdb writer 421 root 158m S svc sys reader 422 root 158m S svc sys writer 423 root 158m S svc cdb reader 424 root 158m S svc cdb writer 471 root 19212 S /fdsroot/bin/syslogd -n -f /fdsroot/data/etc/syslogd.conf 472 root 72432 S /fdsroot/bin/logrolling /var/log 5M 200 /var/umlog 5M 1 473 root 73588 S /fdsroot/bin/um_dvm_service 474 root 73724 S /fdsroot/bin/um_db_service 475 root 74316 S /fdsroot/bin/um_db_stat 476 root 140m S /fdsroot/bin/fdslinkd -c /fdsroot/data/etc/fds.conf -f up 477 root 187m S /fdsroot/bin/fctlinkd -c /fdsroot/data/etc/fct.conf -f up 478 root 67776 S /fdsroot/bin/uma_upd 479 root 67808 S /fdsroot/bin/uma_msgd 480 root 71964 S /fdsroot/bin/udm_statd 481 root 68212 S /fdsroot/bin/umamsg_server 497 root 72700 S /bin/login 498 root 200m S /bin/fazautormd 499 root 154m S /bin/fazcfgd 500 root 77440 S /bin/aggregatord -D -r -f /etc/sshd_config_aggregator 501 root 312m S {fortilogd.main} /bin/fortilogd 502 root 91424 S /bin/rptschedler 503 root 203m S /bin/oftpd 504 root 101m S /bin/logfiled 505 root 111m S /bin/uploadd 506 root 125m S /bin/sqllogd 507 root 114m S /bin/sqlrptcached 508 root 117m S /bin/sqlplugind 509 root 109m S /bin/sqlreportd 510 root 219m S /bin/fazsvcd 511 root 25984 S /bin/pgsvrd 512 root 98912 S N /bin/archd 513 root 203m S /bin/fazmaild 615 root 126m S /bin/oftpd 19269 root 0 SW [flush-8:16] 19627 root 80132 R {sshd} sshd: admin@pts/0 19642 root 110m S -newcli admin admin --userfrom=ssh(10.70.70.176) --adminprof=Super_User --adom=root 19829 root 84220 R /bin/miglogd 19847 root 8812 R ps

# execute top top_bin - 12:56:13 up 1:57, 0 users, load average: 1.28, 1.22, 1.23 Tasks: 147 total, 2 running, 145 sleeping, 0 stopped, 0 zombie Cpu(s): 3.2%us, 6.5%sy, 0.0%ni, 90.3%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 12299116k total, 2696452k used, 9602664k free, 114500k buffers Swap: 2076536k total, 0k used, 2076536k free, 1855900k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 19952 root 20 0 84220 7956 3616 R 51 0.1 0:01.54 miglogd 503 root 20 0 203m 20m 8732 S 3 0.2 3:17.50 oftpd 501 root -13 0 312m 239m 18m S 2 2.0 2:35.96 fortilogd.main 412 root 20 0 158m 13m 2112 S 0 0.1 0:04.31 svc dvmdb reade 480 root 20 0 71964 4740 2700 S 0 0.0 0:04.38 udm_statd 499 root 20 0 154m 15m 7236 S 0 0.1 0:00.65 fazcfgd 505 root 20 0 111m 11m 5216 S 0 0.1 0:00.72 uploadd 19894 root 20 0 9536 1116 736 R 0 0.0 0:00.03 top_bin 1 root 20 0 152m 11m 6060 S 0 0.1 0:16.22 initXXXXXXXXXXX 2 root 20 0 0 0 0 S 0 0.0 0:00.00 kthreadd 3 root 20 0 0 0 0 S 0 0.0 0:00.65 ksoftirqd/0 4 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/0:0 5 root 20 0 0 0 0 S 0 0.0 0:00.01 kworker/u:0 6 root RT 0 0 0 0 S 0 0.0 0:03.56 migration/0 7 root RT 0 0 0 0 S 0 0.0 0:06.88 migration/1 8 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/1:0 9 root 20 0 0 0 0 S 0 0.0 0:00.74 ksoftirqd/1 10 root 20 0 0 0 0 S 0 0.0 0:00.31 kworker/0:1 11 root RT 0 0 0 0 S 0 0.0 0:04.42 migration/2 12 root 20 0 0 0 0 S 0 0.0 0:00.16 kworker/2:0 13 root 20 0 0 0 0 S 0 0.0 0:00.64 ksoftirqd/2 14 root RT 0 0 0 0 S 0 0.0 0:05.59 migration/3 15 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/3:0 16 root 20 0 0 0 0 S 0 0.0 0:00.54 ksoftirqd/3 17 root RT 0 0 0 0 S 0 0.0 0:06.03 migration/4 19 root 20 0 0 0 0 S 0 0.0 0:00.59 ksoftirqd/4 20 root RT 0 0 0 0 S 0 0.0 0:03.93 migration/5 21 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/5:0 22 root 20 0 0 0 0 S 0 0.0 0:00.60 ksoftirqd/5 23 root RT 0 0 0 0 S 0 0.0 0:03.24 migration/6 24 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/6:0 25 root 20 0 0 0 0 S 0 0.0 0:00.68 ksoftirqd/6 26 root RT 0 0 0 0 S 0 0.0 0:02.78 migration/7 27 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/7:0 28 root 20 0 0 0 0 S 0 0.0 0:00.70 ksoftirqd/7 29 root 0 -20 0 0 0 S 0 0.0 0:00.00 khelper 30 root 0 -20 0 0 0 S 0 0.0 0:00.00 pm 31 root 20 0 0 0 0 S 0 0.0 0:00.00 sync_supers 32 root 20 0 0 0 0 S 0 0.0 0:00.00 bdi-default 33 root 0 -20 0 0 0 S 0 0.0 0:00.00 kintegrityd 34 root 0 -20 0 0 0 S 0 0.0 0:00.00 kblockd 35 root 0 -20 0 0 0 S 0 0.0 0:00.00 kacpid 36 root 0 -20 0 0 0 S 0 0.0 0:00.00 kacpi_notify 37 root 0 -20 0 0 0 S 0 0.0 0:00.00 kacpi_hotplug 38 root 0 -20 0 0 0 S 0 0.0 0:00.00 ata_sff 39 root 20 0 0 0 0 S 0 0.0 0:00.00 khubd 40 root 20 0 0 0 0 S 0 0.0 0:00.00 kseriod 41 root 20 0 0 0 0 S 0 0.0 0:00.00 kswapd0 42 root 20 0 0 0 0 S 0 0.0 0:00.00 fsnotify_mark 43 root 0 -20 0 0 0 S 0 0.0 0:00.00 crypto 61 root 20 0 0 0 0 S 0 0.0 0:00.00 kworker/u:1 62 root 39 19 0 0 0 S 0 0.0 0:17.44 kipmi0 63 root 20 0 0 0 0 S 0 0.0 0:00.00 scsi_eh_0 64 root 0 -20 0 0 0 S 0 0.0 0:00.00 megasas_ocr 65 root 20 0 0 0 0 S 0 0.0 0:00.14 kworker/6:1 66 root 20 0 0 0 0 S 0 0.0 0:00.14 kworker/1:1

Armando Gómez

scao_FTNT · ‎05-26-2017

seems httpd daemon not running, can you check "get system status" and provide FAZ model and version info? and not sure if you can try a reboot see if can fix the issue?

Thanks

Simon

scao_FTNT · ‎05-26-2017

and also pls check for "diagnose debug crashlog read"

Thanks

Simon

Armando_Gomez_Barrio · ‎05-26-2017

thanks for the support,

Restart the FAZ and do not correct the problem.

the model is 2000B and the Version is 5.2.3

the comand "diagnose debug crashlog read" does not show anything

try another interface and I can not login by ping.

Thanks

Armando Gómez

scao_FTNT · ‎05-26-2017

Hi, Armando Gomez Barrios, can you open a ticket and send me a ticket ID so I can work for your case

Thanks

Simon

emnoc · ‎05-26-2017

I would also try a diagnose of the GUI

diag debug enable

diag debug reset

diag debug application gui -1

We are assuming the unit is working at this point and just not WebGUI

?

PCNSE

NSE

StrongSwan

Armando_Gomez_Barrio · ‎05-26-2017

Hi, emnoc,

the comand

#diag debug enable #diag debug reset #diag debug application gui -1

does not show anything

I can not enter by https://XXX.XXX.XXX.XX

Thanks

Armando Gómez

emnoc · ‎05-26-2017

Ok some very dumb question ; " is allow access enable for http or https on the interface " ?

Do you have any upstream firewall/acl that was toggle ?

e.g from the cli-cmd can you give us the interface status

show sys interface

Also can you re-apply the https allow access

e.g

config system interface edit "port1" set allowaccess ping ssh snmp https

end

Can you temporary try a 2nd interface to elimination and locally ?

e.g

config system interface edit "port1" set ip 1.1.1.1 255.255.252.0 set allowaccess ping ssh snmp https

end

And apply a host in that interface directly for test to bypass any firewalls.

And last item, do you have any proxy-settings or proxy locally that could impact you?

PCNSE

NSE

StrongSwan

Cannot access the FortiAnalyzer web admin interface (GUI)

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website