HyperGhost
New Contributor II

FortiGate 800c GUI is very slow after upgrading from 5.2.4 to 5.4.2

Hi all,

 

I have 2 FGT 800C running in HA mode Active-Active. 3 days ago I upgraded the firmware from 5.2.4 to 5.4.2 using the proper upgrade path provided by Fortinet: 5.2.4 > 5.2.6 > 5.2.9 > 5.4.2. After upgrading the firmware I noticed that the FGT GUI is very, very slow, especially when I navigate to the policies page; it took like 3 to 5 minutes to open. I have opened a ticket with Fortinet support and am waiting for their reply. Has anyone faced this issue?

 

Note: I changed the HA mode to Active-Passive, matched the HA hash, and restarted both units.

 

Thank you.

HyperGhost

@kallbrandt

 

I ran this command: "diag debug config-error-log read". I didn't find any errors.

5.4.2 is still lagging and glitching; it's really pissing me off. I will downgrade to 5.2.10.

FortiOS has more features than any vendor but more bugs as well.

I wish the Fortinet team would focus on fixing bugs instead of introducing more features, or at least focus on both equally.

Last point: Fortinet support is very bad; they really need to enhance the service.

mahesh_secure

Hi

Can you please run the below commands

 

diagnose sys top and try to restart the httpsd process 

 

 

Regards

Mahesh

HyperGhost

mahesh secure

 

I did it; still lagging and glitching, especially the address & policy pages.

Fortinet support team advised:

- How you are accessing the Web-GUI: either by VPN, public IP or internally (LAN).
- Also, when you are checking, keep the "httpsd" on check with multiple browsers by clearing their browsing history.
- In the FGT Web-GUI, are you facing slowness with a specific page, i.e. "Policy Page", "Interface Page", or the complete GUI?

Please provide the output of the below mentioned commands again.

    # diag debug reset
    # diag debug disable
    # diag debug enable
    # diag web-ui debug enable
    # diag debug application httpsd -1

Once done collecting logs:

    # di de reset
    # di de disable ---> to disable
    # exec tac report

** Run the command di sys top-summary again
** See the process id (PID) for httpsd
** Kill it using the following command and try to access the web GUI again:

    diagnose sys kill 11 <PID>

    PID  RSS  CPU%  ^MEM%  FDS  TIME+     NAME
    84   78M  0.0   1.0    20   00:13.45  httpsd [x4]

Then check the performance of the GUI again.

HyperGhost

I have another 4 FGTs at remote sites; they are working perfectly with 5.2.x.

 

HyperGhost

After I sent the logs to Fortinet, they pointed the issue to:

 

    [httpsd 14767 - 1481537449] api_monitor_handler[454] -- received api_monitor_request from '10.2.24.124'
    [httpsd 14767 - 1481537449] aps_init_process_vdom[1200] -- initialized process vdom to 'NPC-VDOM' (cookie='NPC-VDOM')
    [httpsd 14767 - 1481537449] handle_req_vdom[387] -- new API request (action='select',path='system',name='debug',vdom='NPC-VDOM',user='mrazik')
    [httpsd 14767 - 1481537449] build_system_debug[2592] -- JavaScript error -- https://10.2.2.1:31994/cc...c2f3/qed_list_all.js:4 -- Uncaught TypeError: Cannot read property 'name' of undefined
    [httpsd 14767 - 1481537449] ap_invoke_handler[594] -- request completed (handler='api_monitor-handler' result==0)
    [httpsd 14767 - 1481537449] ap_invoke_handler[571] -- new request (handler='api_monitor-handler', uri='/api/monitor?path=system&name=debug', method='POST')
    [httpsd 14767 - 1481537449] ap_invoke_handler[575] -- User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36

 

MBR
New Contributor III

Have the same problem with FortiOS 5.4.3 on several different devices.

Our FortiGate-200D cluster is the worst of all. It contains 200+ policies and it's hell right now if we want to look into or change policies using the GUI. (On 5.2.8 it was 10x faster)

 

There are no config errors and log disks are already formatted.

Any of you having tips or solutions?

- MBR -

NSE1, NSE2, NSE3

FGT60D/E, FWF60D/E, FGT200D

smari
New Contributor

I can officially say that running FortiGate 900d with around 2k policies is the slowest gui I have ever seen ...

I am having problems on several boxes running 5.4.4.

 

Including 1500d, 900d, 300d etc.

 

I opened a tac case one time because of my 1500d cluster and the answer was that this was a bug in progress

and until they fixed it the solution was to set the gui to display only 20 lines.

 

"The bug is still under progress. As a workaround you can reduce the no. of shown policies to 20 per page, then log out and log in again. To do that please execute the below commands:

    # config system global
    # set gui-lines-per-page 20
    # end
"

20 lines per page is still slow so I am hoping 5.6 will be better.

Has anyone had the balls to try out 5.6 on production? :)

NSE7, FMG, FAC, FAZ .

1500D's, 1200D's, 900D's, 300D's, 200D's, 100D's and bunch of small stuff.

 

MBR
New Contributor III

Hi Smari,

 

5.6.0 doesn't fix this bug :(

Fortinet told me the fix will be released in (5.6.1), which is scheduled to be launched starting Q3

 

I'm very disappointed again in the Fortinet way of resolving such huge issues. I don't get why they let customers wait so long (until some next release) before resolving urgent issues. In my opinion they should consider urgent patches or private hotfixes in these cases.

The 20 lines per page is indeed still way too slow... (I don't get how it's possible these versions pass Q&A testing)

I hope this bug will also be fixed in a new 5.4.x release because I really don't want to get on the 5.6 release cycle this early.

- MBR -

NSE1, NSE2, NSE3

FGT60D/E, FWF60D/E, FGT200D

Toshi_Esumi
SuperUser

Could you share the bug ID?

MBR
New Contributor III

I didn't receive the Bug ID but you may refer to ticket nr. 2108453

- MBR -

NSE1, NSE2, NSE3

FGT60D/E, FWF60D/E, FGT200D
