Fortinet black logo

Administration Guide

Login common issues

Login common issues

If the person cannot access the login page at all, it is usually actually a connectivity issue (see "Configuring the network settings" in FortiWeb Administration Guide) unless all accounts are configured to accept logins only from specific IP addresses.

If an administrator can connect, but cannot log in, even though providing the correct account name and password, and is receiving this error message:

Too many bad login attemptsor reached max number of logins. Please try again in a few minutes. Login aborted.

This may because the single administrator mode may have been enabled. For details, see "Enable Single Admin User login" in FortiWeb Administration Guide.

When an administrator account cannot log in from a specific IP

If an administrator is entering his or her correct account name and password, but cannot log in from some or all computers, examine that account’s trusted host definitions (see Trusted Host). It should include all locations where that person is allowed to log in, such as your office, but should not be too broad.

Remote authentication query failures

If your network administrators’ or other accounts reside on an external server (e.g. Active Directory or RADIUS), first switch the account to be locally defined on the FortiWeb appliance.

If the local account fails, correct connectivity between the client and appliance (see Login common issues).

If the local account succeeds, troubleshoot connectivity between the appliance and your authentication server.

If routing exists but authentication still fails, you can verify correct vendor-specific attributes and other protocol-specific fields by running a packet trace (see Packet capture).

Login common issues

If the person cannot access the login page at all, it is usually actually a connectivity issue (see "Configuring the network settings" in FortiWeb Administration Guide) unless all accounts are configured to accept logins only from specific IP addresses.

If an administrator can connect, but cannot log in, even though providing the correct account name and password, and is receiving this error message:

Too many bad login attemptsor reached max number of logins. Please try again in a few minutes. Login aborted.

This may because the single administrator mode may have been enabled. For details, see "Enable Single Admin User login" in FortiWeb Administration Guide.

When an administrator account cannot log in from a specific IP

If an administrator is entering his or her correct account name and password, but cannot log in from some or all computers, examine that account’s trusted host definitions (see Trusted Host). It should include all locations where that person is allowed to log in, such as your office, but should not be too broad.

Remote authentication query failures

If your network administrators’ or other accounts reside on an external server (e.g. Active Directory or RADIUS), first switch the account to be locally defined on the FortiWeb appliance.

If the local account fails, correct connectivity between the client and appliance (see Login common issues).

If the local account succeeds, troubleshoot connectivity between the appliance and your authentication server.

If routing exists but authentication still fails, you can verify correct vendor-specific attributes and other protocol-specific fields by running a packet trace (see Packet capture).