Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Autumn 2024 badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDevSec
- FortiDeceptor
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiHypervisor
- FortiGuard
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWebCloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: FortiGate 800c GUI is very slow after upgradin...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiGate 800c GUI is very slow after upgrading from 5.2.4 to 5.4.2
Hi all,
i have 2 FGT 800C running in HA mode Active-Active before 3 days ago i have upgraded the firmware from 5.2.4 to 5.4.2 using proper upgrade path which provided by fortinet 5.2.4 > 5.2.6 > 5.2.9 > 5.4.2, after upgrading the firmware i noticed that FGT GUI is very very slow especially when i navigate to polices page took like 3 to 5 mints to open. i have opened ticket with foritnet support and waiting for their reply, did anyone faced this issue?
Note: i changed the HA mode to Active-Passive, matched HA Hash, and restarted the both units.
Thank you.
Solved! Go to Solution.
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
1 Solution
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i did it, still lagging and glitching specially ( address & policy pages)
Foritnet support team advised:
- How you are accessing Web-GUI either by VPN, Public IP or Internally (LAN). - Also when you are checking keep the "httpsd" on check with multiple browser by clearing there browsing history. - In FGT Web-GUI you are facing slowness with specific page i.e "Policy Page", "Interface Page" or the complete GUI
Please provide the output of below mentioned commands again. # diag debug reset # diag debug disable # diag debug enable # diag web-ui debug enable # diag debug application httpsd -1 Once done collecting logs # di de reset # di de disable ---> to disable # exec tac report ** Run the command di sys top-summary again ** See the process id (PID) for httpsd ** Kill it using the following command and try to access web GUI again, diagnose sys kill 11 <PID> PID RSS CPU% ^MEM% FDS TIME+ NAME 84 78M 0.0 1.0 20 00:13.45 httpsd [x4] Then check the performance again of GUI.
22 REPLIES 22
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@kallbrandt
i ran this command "diag debug config-error-log read". i didn't found any error
5.4.2 still lagging and glitching it really pissing me off. i will downgrade to 5.2.10
FortiOS has features more than any vendor but more bugs as well.
i wish Fortinet team focus on fixing bugs instead of introducing more features or at least focus on both equally
last point: Fortinet support is very bad they really need to enhance the service
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hai
Can you plz run the below commands
diagnose sys top and try to restart the httpsd process
Regards
Mahesh
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i did it, still lagging and glitching specially ( address & policy pages)
Foritnet support team advised:
- How you are accessing Web-GUI either by VPN, Public IP or Internally (LAN). - Also when you are checking keep the "httpsd" on check with multiple browser by clearing there browsing history. - In FGT Web-GUI you are facing slowness with specific page i.e "Policy Page", "Interface Page" or the complete GUI
Please provide the output of below mentioned commands again. # diag debug reset # diag debug disable # diag debug enable # diag web-ui debug enable # diag debug application httpsd -1 Once done collecting logs # di de reset # di de disable ---> to disable # exec tac report ** Run the command di sys top-summary again ** See the process id (PID) for httpsd ** Kill it using the following command and try to access web GUI again, diagnose sys kill 11 <PID> PID RSS CPU% ^MEM% FDS TIME+ NAME 84 78M 0.0 1.0 20 00:13.45 httpsd [x4] Then check the performance again of GUI.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i have another 4 FGTs at remote sites, they working perfectly with 5.2.x
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
after i sent the logs to fortinet: they point the issue to:
httpsd 14767 - 1481537449] api_monitor_handler[454] -- received api_monitor_request from '10.2.24.124' [httpsd 14767 - 1481537449] aps_init_process_vdom[1200] -- initialized process vdom to 'NPC-VDOM' (cookie='NPC-VDOM') [httpsd 14767 - 1481537449] handle_req_vdom[387] -- new API request (action='select',path='system',name='debug',vdom='NPC-VDOM',user='mrazik') [httpsd 14767 - 1481537449] build_system_debug[2592] -- JavaScript error -- https://10.2.2.1:31994/cc...c2f3/qed_list_all.js:4 -- Uncaught TypeError: Cannot read property 'name' of undefined [httpsd 14767 - 1481537449] ap_invoke_handler[594] -- request completed (handler='api_monitor-handler' result==0) [httpsd 14767 - 1481537449] ap_invoke_handler[571] -- new request (handler='api_monitor-handler', uri='/api/monitor?path=system&name=debug', method='POST') [httpsd 14767 - 1481537449] ap_invoke_handler[575] -- User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have the same problem with FortiOS 5.4.3 on several different devices.
Our FortiGate-200D cluster is worse of all. It contains 200+ policies and it's a hell right now if we want to look into or change policies using the GUI. (Om 5.2.8 it was 10x faster)
There are no config errors and log disks are already formatted.
Any of you having tips or solutions?
- MBR -
NSE1, NSE2, NSE3
FGT60D/E, FWF60D/E, FGT200D
- MBR -
NSE1, NSE2, NSE3
FGT60D/E, FWF60D/E, FGT200D
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I can officially say that running FortiGate 900d with around 2k policies is the slowest gui I have ever seen ...
I am having problems on several boxes running 5.4.4.
Including 1500d, 900d, 300d etc.
I opened a tac case one time because of my 1500d cluster and the answer was that this was a bug in progress
and until they fixed it the solution was to set the gui to display only 20 lines.
"The bug is still under progress, As a workaround you can reduce the no of shown policies to 20 per page, then log-out and log-in again, to do that please execute the below commands # config system global # set gui-lines-per-page 20 # end
"
20 lines per page is still slow so I am hoping 5.6 will be better .
Has anyone had the balls to try out 5.6 on production ? :)
NSE7, FMG, FAC, FAZ .
1500D's, 1200D's, 900D's, 300D's, 200D's, 100D's and bunch of small stuff.
NSE7, FMG, FAC, FAZ .
1500D's, 1200D's, 900D's, 300D's, 200D's, 100D's and bunch of small
stuff.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Smari,
5.6.0 doesn't fix this bug :(
Fortinet told me the fix will be released in (5.6.1), which is scheduled to be launched starting Q3
I'm very disappointed again in the Fortinet way of resolving such huge issues. I don't get it why the let customers wait so long (until some next release) before resolving urgent issues. In my opinion the should consider urgent patches or private hotfixes in these cases.
The 20 lines per page is indeed still way to slow... (I don't get it how it's possible these versions pass Q&A testing)
I hope this bug will also be fixed in a new 5.4.x release because I really don't want to get on the 5.6 release cycle this early.
- MBR -
NSE1, NSE2, NSE3
FGT60D/E, FWF60D/E, FGT200D
- MBR -
NSE1, NSE2, NSE3
FGT60D/E, FWF60D/E, FGT200D
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Could you share the bug ID?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I didn't received the Bug ID but you may refer to ticket nr. 2108453
- MBR -
NSE1, NSE2, NSE3
FGT60D/E, FWF60D/E, FGT200D
- MBR -
NSE1, NSE2, NSE3
FGT60D/E, FWF60D/E, FGT200D
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- How configure SO FortiOS by server... 55 Views
- S248DF - Upgrade to 3.6.12 Shows... 53 Views
- FortiAp working after Firewall upgrade? Compatibility... 46 Views
- ZTNA access to VMware 99 Views
- ERR_CONNECTION_CLOSED Error 55 Views
Labels
-
FortiGate
8,403 -
FortiClient
1,699 -
5.2
801 -
FortiManager
708 -
5.4
639 -
FortiAnalyzer
540 -
FortiSwitch
456 -
FortiAP
452 -
6.0
416 -
FortiClient EMS
401 -
5.6
362 -
FortiMail
308 -
6.2
251 -
FortiAuthenticator v5.5
234 -
SSL-VPN
210 -
5.0
196 -
FortiWeb
196 -
IPsec
183 -
FortiNAC
173 -
FortiGuard
133 -
6.4
128 -
SD-WAN
107 -
FortiSIEM
100 -
FortiGateCloud
100 -
FortiCloud Products
95 -
FortiToken
89 -
FortiAuthenticator
82 -
Customer Service
77 -
Wireless Controller
76 -
Firewall policy
69 -
4.0MR3
64 -
FortiProxy
57 -
FortiADC
53 -
High Availability
51 -
Fortivoice
50 -
FortiEDR
50 -
vlan
47 -
ZTNA
46 -
FortiSandbox
43 -
FortiExtender
43 -
FortiDNS
42 -
Routing
39 -
DNS
38 -
LDAP
38 -
BGP
37 -
FortiGate v5.4
35 -
FortiSwitch v6.4
34 -
SAML
32 -
Certificate
32 -
Authentication
31 -
Interface
31 -
SSO
30 -
NAT
30 -
RADIUS
28 -
FortiConnect
27 -
FortiLink
26 -
FortiWAN
25 -
FortiConverter
25 -
FortiGate v5.2
24 -
VDOM
24 -
Logging
24 -
Application control
24 -
Web profile
23 -
Virtual IP
22 -
FortiPAM
21 -
Fortigate Cloud
19 -
FortiSwitch v6.2
18 -
FortiPortal
18 -
FortiMonitor
18 -
SSL SSH inspection
18 -
Traffic shaping
17 -
FortiDDoS
15 -
OSPF
15 -
WAN optimization
15 -
FortiGate v5.0
14 -
IP address management - IPAM
14 -
SSID
13 -
Static route
13 -
System settings
13 -
FortiSOAR
12 -
FortiCASB
12 -
snmp
12 -
Automation
12 -
Admin
12 -
Web application firewall profile
12 -
FortiManager v5.0
11 -
FortiManager v4.0
10 -
FortiRecorder
10 -
IPS signature
10 -
4.0MR2
9 -
FortiGate v4.0 MR3
9 -
FortiWeb v5.0
9 -
FortiBridge
9 -
FortiAP profile
9 -
Proxy policy
9 -
RMA Information and Announcements
8 -
Security profile
8 -
Traffic shaping policy
8 -
Port policy
8 -
4.0
7 -
FortiDeceptor
7 -
FortiAnalyzer v5.0
7 -
FortiCache
7 -
Fabric connector
7 -
Intrusion prevention
7 -
FortiCarrier
6 -
Explicit proxy
6 -
DNS filter
6 -
trunk
6 -
Packet capture
6 -
Antivirus profile
6 -
FortiToken Cloud
5 -
FortiTester
5 -
Users
5 -
Traffic shaping profile
5 -
Email filter profile
5 -
Web rating
5 -
Fortinet Engage Partner Program
5 -
3.6
4 -
FortiScan
4 -
FortiDirector
4 -
Internet service database
4 -
Application signature
4 -
DLP sensor
4 -
Netflow
4 -
Replacement messages
4 -
FortiDB
3 -
FortiHypervisor
3 -
API
3 -
FortiNDR
3 -
NAC policy
3 -
DLP Dictionary
3 -
DLP profile
3 -
DoS policy
3 -
VoIP profile
3 -
Multicast routing
3 -
Cloud Management Security
3 -
FortiInsight
2 -
FortiAI
2 -
Kerberos
2 -
Authentication rule and scheme
2 -
Protocol option
2 -
TACACS
2 -
Schedule
2 -
SDN connector
2 -
Service
2 -
Zone
2 -
4.0MR1
1 -
FortiManager-VM
1 -
FortiCWP
1 -
Subscription Renewal Policy
1 -
Video Filter
1 -
Multicast policy
1 -
Vulnerability Management
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1641 | |
| 1069 | |
| 751 | |
| 443 | |
| 210 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.