Fortinet 130 FortiWeb 5.0 Patch 6 Administration Guide
host (depending on its operating system) to test routability for traffic traveling in the opposite
direction: from the host to the FortiWeb.
• If these tests fail, or if you do not want to enable PING, first examine the static route
configuration on both the host and FortiWeb.
To display all routes with their priorities, enter the CLI command:
diagnose network route list
You may also need to verify that the physical cabling is reliable and not loose or broken,
that there are no IP address or MAC address conflicts or blacklisting, and otherwise rule
out problems at the physical, network, and transport layer.
• If these tests succeed, a route exists, but you cannot connect using HTTP or HTTPS, an
application-layer problem is preventing connectivity.
Verify that you have enabled http and/or http on the network interface (“To configure a
network interface’s IPv4 address via the CLI” on page 117). Also examine routers and
firewalls between the host and the FortiWeb appliance to verify that they permit HTTP
and/or HTTPS connectivity between them. Finally, you can also use the CLI command:
diagnose system top 5 30
to verify that the daemons for the web UI and CLI, such as sshd, newcli, and httpsd
are running and not overburdened. For details, see the FortiWeb CLI Reference.
See also
•Configuring the network interfaces
•Configuring a bridge (V-zone)
•Configuring DNS settings
Configuring DNS settingsLike many other types of network devices, FortiWeb appliances require connectivity to DNS
servers for DNS lookups.
Your Internet service provider (ISP) may supply IP addresses of DNS servers, or you may want
to use the IP addresses of your own DNS servers. You must provide unicast, non-local
addresses for your DNS servers. Local host and broadcast addresses will not be accepted.
Incorrect DNS settings or unreliable DNS connectivity can cause issues with other features,
including FortiGuard services and NTP system time.
For improved performance, use DNS servers on your local network.