Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Rino_B
New Contributor III

Created on ‎06-02-2025 12:48 AM Edited on ‎07-09-2025 07:38 AM

SSL-VPN Web Portal breaks after 7.4.8 upgrade on 2GB models

Hi there,

 

On entry-level FortiGate models, the SSL-VPN web portal breaks after the update to FortiOS 7.4.8.

Screenshot 2025-06-02 093610.png

 

Update 2

diagnose debug console timestamp enable
diagnose debug application sslvpn -1
diagnose debug application fnbamd -1
diagnose debug enable

 

2025-06-05 11:17:43 [17810:root:4]fsv_check_path_passed:997 No access: check path failed /migadmin/rmt_index.html, /data/migadmin, /migadmin
2025-06-05 11:17:43 [17810:root:4]sslvpn_zip_handler:136 sslvpn check path failed.
2025-06-05 11:17:43 [17810:root:4]fsv_check_path_passed:997 No access: check path failed /migadmin/sslvpn/css/ssl_style.css, /data/migadmin/sslvpn/css, /migadmin/sslvpn/css
2025-06-05 11:17:43 [17810:root:4]sslvpn_zip_handler:136 sslvpn check path failed.

 

Update 3

The issue has been identified as BUG ID 1164811: https://docs.fortinet.com/document/fortigate/7.4.8/fortios-release-notes/236526/known-issues

Rino_B - FCS
Rino_B - FCS
Labels:
14847
36 REPLIES 36
kkdk
New Contributor

Created on ‎06-03-2025 10:46 AM

We have the same problem - kind of annoying ;) 

 

In the browser i see errors like "NS_ERROR_CORRUPTED_CONTENT" and "403 Forbidden" on the first screen. Clicking the OK button, gives me more of the same errors, and some "wrong mimetype" for CSS and JS files.

 

 

 

3351
Rino_B
New Contributor III
In response to kkdk

Created on ‎06-03-2025 01:14 PM

Microsoft Edge returns HTTP status code 403 Forbidden on many files. The HTTP 403 Forbidden client error response status code indicates that the server understood the request but refused to process it.

 

Screenshot 2025-06-03 220022.png

Rino_B - FCS
Rino_B - FCS
3290
0 Kudos
Snormans
New Contributor

Created on ‎06-03-2025 11:32 PM Edited on ‎06-03-2025 11:50 PM

Update: it was early, this article is not for 7.4.8. But I do know that 2GB model's stuff is being removed.
We also don't upgrade our install base of 2GB models to 7.4.x because we lose proxy support.
See article here
As part of improvements to enhance performance and optimize memory usage on FortiGate models with 2 GB RAM or less, starting from version 7.4.4, FortiOS no longer supports proxy-related features
----------------------------------------------------------------------------------------

They have removed support for SSL VPN for 2GB models, so unfortunately, that means you have to downgrade.

See Fortinet Release notes here:
https://docs.fortinet.com/document/fortigate/7.6.1/fortios-release-notes/877104/ssl-vpn-removed-from...

3214
Rino_B
New Contributor III
In response to Snormans

Created on ‎06-03-2025 11:53 PM

That relates to FortiOS 7.6.x and not 7.4.x. Please check: https://docs.fortinet.com/document/fortigate/7.6.3/fortios-release-notes/877104/agentless-vpn-former...

Rino_B - FCS
Rino_B - FCS
3204
0 Kudos
Snormans
New Contributor
In response to Rino_B

Created on ‎06-03-2025 11:56 PM

I know, I already updated my post.
I got triggered because we also had an issue with 2GB models that proxy stuff is being removed. 

3203
Lennart
New Contributor II

Created on ‎06-04-2025 04:26 AM Edited on ‎06-04-2025 04:26 AM

Experiencing same issue, these are the related log messages: 

2025-06-02 11:56:23 [403:root:b]req: /
2025-06-02 11:56:23 [403:root:b]mza: 0x358f360 /rmt_index.html
2025-06-02 11:56:23 [403:root:b]fsv_check_path_passed:997 No access: check path failed /migadmin/rmt_index.html, /data/migadmin,
 /migadmin
2025-06-02 11:56:23 [403:root:b]sslvpn_zip_handler:136 sslvpn check path failed.
2025-06-02 11:56:23 [403:root:b]req: /sslvpn/css/ssl_style.css
2025-06-02 11:56:23 [403:root:b]mza: 0x358f3a8 /sslvpn/css/ssl_style.css
2025-06-02 11:56:23 [403:root:b]fsv_check_path_passed:997 No access: check path failed /migadmin/sslvpn/css/ssl_style.css, /data
/migadmin/sslvpn/css, /migadmin/sslvpn/css
2025-06-02 11:56:23 [403:root:b]sslvpn_zip_handler:136 sslvpn check path failed.

 

3241
BillH_FTNT
Staff
Staff
In response to Lennart

Created on ‎06-04-2025 08:22 AM

Hi Lennart

We also want to check and reproduce your issue too. Could you please share all the logs, configuration to my email bhoang@fortinet.com; Many thanks

Bill

3190
GerryU
New Contributor

Created on ‎06-04-2025 08:21 AM

Peeps,
Something broke recently, as I was saying,  May 5th is the date I updated the FG60F FW to 7.4.8. I tested the WebPortal and a few days then after it was working fine. It looks like June 2nd I started to get call pertaining to this issue. 

What log can I extract to see all Web portal access'?

Further, have you tested upgrading to 7.6.x? Can't wait to see how Agentless works.

3192
0 Kudos
GerryU
New Contributor
In response to GerryU

Created on ‎06-04-2025 08:54 AM

Awww Agentless will not be avail on the FGT-60F... :\

 

3167
0 Kudos
BillH_FTNT
Staff
Staff

Created on ‎06-04-2025 11:10 AM

Hi All, 

If you're experiencing issues with SSL VPN in web mode on version 7.4.8, please feel free to collect the following data using the commands below and share it with me.

1. Collect vpn data
diagnose vpn ssl statistics
diagnose vpn ssl mux-stat
diagnose vpn ssl list
execute vpn sslvpn list

2. Collect Debug data
diagnose debug console timestamp enable
diagnose debug application sslvpn -1
diagnose debug application fnbamd -1
diagnose debug enable

 

I’m Bill from Fortinet. You can send the information to my email: bhoang@fortinet.com

 

In GerryU case; 

We’ve already had an internal ticket for the Engineering team. The issue is currently being processed, and we’ll provide you with an update soon. Many thanks!

 

Regards

Bill

3134
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.