Hot!Forti60 Remote administration fails

Author
DaveCSuite
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/10/05 04:21:51
  • Status: offline
2021/10/14 04:40:57 (permalink) 6.2
0

Forti60 Remote administration fails

Should be simple but I'm stuck. I have a new HA pair of Forti60 and I just need remote admin access. I can get in on a LAN interface and have the public WAN configured to allow http, https and SSH. 
I'm over an hour away from the office and went in last night to straighten this out. I called support and it seemed to just start working (allow web page) while we were on the call. I came home and cannot get the page to display, just site can't be reached.

This site can’t be reached

23.30.178.17 took too long to respond.
 
Host is up (0.046s latency).
Not shown: 96 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
113/tcp closed ident
179/tcp open bgp
 
I also get SSH time out. Should 113/tcp be listening?
 
 I should add that there are no rules to allow only from a trusted subnet.
post edited by DaveCSuite - 2021/10/14 04:59:14
#1

4 Replies Related Threads

    ede_pfau
    Expert Member
    • Total Posts : 6513
    • Scores: 565
    • Reward points: 0
    • Joined: 2004/03/09 01:20:18
    • Location: Heidelberg, Germany
    • Status: offline
    Re: Forti60 Remote administration fails 2021/10/14 06:15:10 (permalink)
    0
    You should focus on login via ssh, this uses the least resources. For WebGUI access the FGT needs to have enough free RAM, much more than for SSH.
    What is the (debug) log entry if SSH fails?

    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #2
    rwpatterson
    Expert Member
    • Total Posts : 8539
    • Scores: 207
    • Reward points: 0
    • Joined: 2006/08/08 10:08:18
    • Location: Long Island, New York, USA
    • Status: online
    Re: Forti60 Remote administration fails 2021/10/14 06:55:39 (permalink)
    0
    Ditto on that. Those old units were prone to memory issues (not enough) and they would end up in a reduced capacity whereas some services would be on hold while the system struggled to recover RAM. I forgot the term off the top of my head. (recovery mode??) Hopefully you have the latest version of firmware installed (even though it's probably over ten years old).
    post edited by rwpatterson - 2021/10/14 06:57:15

    Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com
    -5.6.13-b1714: FWF80CM
    -5.2.13-b0762: FWF81CM, FWF80CM
    -5.0.14-b0323: FWF81CM, FWF80CM(3)
    -4.3.19-b0694: FWF81CM
    #3
    ede_pfau
    Expert Member
    • Total Posts : 6513
    • Scores: 565
    • Reward points: 0
    • Joined: 2004/03/09 01:20:18
    • Location: Heidelberg, Germany
    • Status: offline
    Re: Forti60 Remote administration fails 2021/10/14 10:01:25 (permalink)
    0
    "conserve mode"
     
    and if you think this is a thing of the past...no way.

    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #4
    rwpatterson
    Expert Member
    • Total Posts : 8539
    • Scores: 207
    • Reward points: 0
    • Joined: 2006/08/08 10:08:18
    • Location: Long Island, New York, USA
    • Status: online
    Re: Forti60 Remote administration fails 2021/10/14 10:24:19 (permalink)
    0
    Damn. My units are really lightly used without any subscription features, so I haven't had the pleasure of hitting conserve mode. Good luck.

    Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com
    -5.6.13-b1714: FWF80CM
    -5.2.13-b0762: FWF81CM, FWF80CM
    -5.0.14-b0323: FWF81CM, FWF80CM(3)
    -4.3.19-b0694: FWF81CM
    #5
    Jump to:
    © 2021 APG vNext Commercial Version 5.5