Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
yanivg11
New Contributor II

Old stand alone device FortiGate 100D- how to set management FQDN instead of IP?

Hi All,

We have an old FortiGate 100D (v6.0.5 build0268 (GA)) which we access by browser with the IP address of it.

I have installed self-signed SSL on it and added it to the administration setting to start accessing it by FQDN, however the interface pages loading and lagging and giving message such as "failed to load data"

This is not happening when we access with IP, only with the FQDN.

 

I think that the issue is that we need to set the management FQDN but I'm not sure how to set this,

the management IP is on Port1 physical interface which checked with "FMG-Access"

 

How can we resolve this issue?

Tnx

5 REPLIES 5
distillednetwork
Contributor III

Are you seeing the lagging when you try to connect to the device through a browser or with Fortimanager?  IF with the browser, the FQDN should not matter as long as your DNS is resolving properly, there is not setting in the fortigate to tell it what its external FQDN is.  The port you are resolving the FQDN to should be setup with HTTPS for management, FMG is just for Fortimanager access to the device.

yanivg11
New Contributor II

hi distillednetwork, thank you for your reply.
This is happening when I browse the FW through browser, I also have this issue on another forti device (also stand alone, this time 240D).
I also suspect this could be some kind of DNS issue, but not sure how this should be resolved, this is why I think the forti should be set with this FQDN as management.
Is there a way to set hosts file record for forti? I'm open to any suggestions on this issue

Tnx

distillednetwork

You can setup the DNS database on the Fortigate but again I don't think this is the issue.  Could you for testing purposes, setup the FQDN in your host file on your computer and verify if you see the same behavior?  

yanivg11
New Contributor II

hi distillednetwork,

I have tried that already, even when I set the FQDN in my Hosts file, it is not working well.

There is some minor improvement, however when I browse through the interface pages its still lagging and I also get sometimes notification saying "Lost Connection to Foritgate - Attempting to reconnect" and than it disappears after few seconds and keep working.

This is not happening when I access the web interface by IP, only with FQDN.
This is why I think it could be some kind of internal DNS resolution within the Forti device itself, which led me to think the FQDN should be set as the management FQDN somewhere.

yanivg11
New Contributor II

Hi,

I have found the issue eventually,

Turns out that our Corp IT department had started to implement SSL decryption by our anti-virus without me knowing on it, once we excluded the FQDN from it all started to work smoothly.

Tnx all for your help

Labels
Top Kudoed Authors