Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Cannot to reach port 443 only from some connectivity



We have a "strange" problem with an FG-40F 


From some connections (ISP) port 443 is not reachable while from others it works regularly.


When try to open the port you are asked to accept the insecure ssl certificate, but then the browser "stalls" loading endlessly.


The firewall has a dedicated and direct fixed IP provided by the connectivity provider.


The very strange thing is that on some the connectivity works normally while on others it presents this symptom.


Any suggestions?


Thank you


New Contributor III

Hello DType,


I think the problem with the endless loading might be caused by MTU. I suggest to try lower it to like 1399 and try again to connect.

In my country, some ISPs have problem like this and we are forced to lower MTU in order to connect.


Not all those who wander are lost


Hi @DType,


Are you using port 443 to access the FortiGate itself? If so, do you have trusted hosts configured under admin account? Please also check the TLS protocol it is using.


You can also try a different browser and clear browser's cache as well. 



Contributor III

Hello Dtype

### 1. **Check Firewall Rules:**
Ensure that the firewall rules on the FortiGate are correctly configured to allow traffic on port 443 from all IPs. There might be a rule that is blocking traffic from certain IP ranges or ISPs.

### 2. **Inspect SSL/TLS Settings:**
Check the SSL/TLS settings on the FortiGate for any misconfigurations. Ensure that the correct SSL certificate is being presented and that it is not expired. Also, check if the SSL/TLS protocol versions supported by the FortiGate are also supported by the clients trying to connect.

### 3. **Check ISP Routing:**
It’s possible that the issue might be related to the routing on the ISP's end. Some ISPs might have routing issues or peering problems that could cause certain ports to be unreachable. Try reaching out to the ISPs in question to check if they are experiencing any issues.

### 4. **Review Logs:**
Review the logs on the FortiGate firewall to see if there are any error messages or warnings related to connections on port 443. The logs might provide more information on why the connections are being blocked or stalled.

### 5. **Test with Different Browsers/Clients:**
If possible, test the connectivity with different browsers and clients to see if the issue persists. This can help determine if the problem is specific to a certain browser or client configuration.

### 6. **Update Firmware:**
Ensure that the FortiGate firewall is running the latest firmware version. Firmware updates often include fixes for known issues and might resolve the connectivity problem.

### 7. **Contact Fortinet Support:**
If you are unable to resolve the issue with the above steps, consider reaching out to Fortinet Support for further assistance.

Remember to make any changes carefully and to back up your configurations before making changes to the firewall settings.


Hi @DType,

What is the flow of the network and the destination for this 443? Are you trying to access GUI of the FortiGate or what is the connection for? Please also run the following commands when try to connect:

diag debug reset
diag debug flow filter addr X.X.X.X (destination IP)
diag debug flow filter port 443
diag debug flow show ip en
diag debug flow show func en
diag debug console time ena
diag debug ena
diag debug flow trace start 999