Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fortiFWuser
Contributor

Https acces to the firewall

Hello, 

 

I have a new fortigate installed yesterday

Today at the morning i entered normally. 

 

Now that I am trying the page does not load and the login does not open

 

Any ideeas??

 

Thanks and regards, 

Konstantinos

6 REPLIES 6
metz_FTNT
Staff
Staff

Hi Konstantinos,

 

First try to ping the IP to verify if network connectivity is ok.

Then SSH login, if you can SSH then check if http/https service is enabled on the interface

 

 

 

 

fortiFWuser

Hello, 

 

How do I check the service?

The thing is that i have this issue from the outside 

From internal net I can login normally. 

 

metz_FTNT

Hi,

 

On the interface facing internet check the allowaccess:

 

https://docs.fortinet.com/document/fortigate/6.0.0/handbook/909236/configuring-administrative-access...

 

Can you SSH from outside ?

Also, is public IP on the Fortigate ? Therefore no NAT and portforward required in front of it ?

 

 

seshuganesh

Hi Team,

 

If you aare not able to login to foritgate firewall from external network:

1. Check if https is enabled in the wan interface

2. Check if there is any VIP configured for that IP on that interface, may be the traffic is getting DNATed

3. Also you can take sniffer, lets say if you are accessing firewall from this iP address (a.b.c.d), you can execute this command:

diag sniffer packet any 'host a.b.c.d and port <port-number>' 4 0 a

Just see whats happening with this packet

fortiFWuser
Contributor

The matter is sth with the http service 
Probably it was stuck

I could normally login from the inside
I could normally SSH from the outside

 

Only the https from the outside could not open

 

Muhammad_Haiqal

Hi Konstantinos,
Here is your scenario:

Access from Internal - working

Access from outside - not working

 

1st, please verify as follow:

To configure protocols for administrative access to interfaces - GUI
  1. Go to Network > Interfaces.
  2. Select the interface that you want to configure administrative access for and select Edit.
  3. In the Administrative Access section, select the protocols that you want to allow an administrator to use to access the FortiGate. In your case, is HTTPS.
  4. Select OK.

2nd, please make sure you are using public IP for the WAN interface on Fortigate. Since you want to access from outside, this WAN interface should be reachable directly from outside.

Hope this help.

haiqal
Labels
Top Kudoed Authors