Fortinet white logo
Fortinet white logo

Administration Guide

Policy Status

Policy Status

Go to Status > Policy Status to access summary information about server policies and their activity. If it's not available in the Dashboard menu, refer to Monitors for how to add a monitor.

The top pane of the dashboard is a list of configured policies. The bottom pane is a list of physical or domain servers associated with the selected polices. For HTTP content routing policies, the list of servers is organized by content routing policy.

In the policy list, Status displays whether the policy is enabled or disabled. For information about enabling policies, see Enabling or disabling a policy.

The Concurrent Connections and Connection/Sec columns shows information about the connections the policy currently governs.

For information on the other policy properties that are displayed, such as Vserver and Mode, see Configuring an HTTP server policy.

For information on the server properties that are displayed, such as Pool and IP/Domain Name, see Creating an HTTP server pool.

Health Check Status

In the server list, the Health Check Status column displays one of the following icons:

  • Green icon—The server health check is currently detecting that the web server is responsive to connections (“up”).

The green icon does not indicate whether the policy is enabled or disabled. Depending on the operation mode, a disabled policy may block traffic from clients to the web server, effectively causing the web server to appear to be “down” to clients, even though it is “up” to FortiWeb. For details, see Enabling or disabling a policy.

It also does not indicate both HTTP and HTTPS separately. Protocol and port number used are according to your configuration in the server pool.

  • Flashing yellow-to-red or grey icon—Either:
    • No server health check is currently configured for that combination of server pool and policy
    • The server health check is currently detecting that the web server is not responsive to connections (“down”)

The method that the FortiWeb appliance uses to reroute connections to an available server varies by your configuration of Load Balancing Algorithm. For information on server health checks, see Configuring server up/down checks.

If the server health check is mistakenly detecting that your web server is “down,” but it is actually “up,” verify that you have specified the correct SSL/TLS and port number settings for the web server in the server pool. Also verify that the web server is configured to respond to the protocol configured in the server health check, and that connections are permitted by any intermediary network or host-based firewalls such as Windows Firewall.

Alternatively, to monitor the status of web servers, you can use SNMP traps. For details, see SNMP traps & queries.

Session Count

In the top pane, the Concurrent Connections and Connection/Sec columns display a count of client connections that the virtual server is maintaining.

In the bottom pane, the Concurrent Connections column displays a count of connections to server pools that contain one or more back-end servers.

In some cases, the virtual server maintains a client session even though the client is not requesting data from the back-end server. When this happens, the Concurrent Connections column in the bottom pane is 0 even though the Concurrent Connections value in the top pane indicates there are one or more current sessions.

Policy Status

Policy Status

Go to Status > Policy Status to access summary information about server policies and their activity. If it's not available in the Dashboard menu, refer to Monitors for how to add a monitor.

The top pane of the dashboard is a list of configured policies. The bottom pane is a list of physical or domain servers associated with the selected polices. For HTTP content routing policies, the list of servers is organized by content routing policy.

In the policy list, Status displays whether the policy is enabled or disabled. For information about enabling policies, see Enabling or disabling a policy.

The Concurrent Connections and Connection/Sec columns shows information about the connections the policy currently governs.

For information on the other policy properties that are displayed, such as Vserver and Mode, see Configuring an HTTP server policy.

For information on the server properties that are displayed, such as Pool and IP/Domain Name, see Creating an HTTP server pool.

Health Check Status

In the server list, the Health Check Status column displays one of the following icons:

  • Green icon—The server health check is currently detecting that the web server is responsive to connections (“up”).

The green icon does not indicate whether the policy is enabled or disabled. Depending on the operation mode, a disabled policy may block traffic from clients to the web server, effectively causing the web server to appear to be “down” to clients, even though it is “up” to FortiWeb. For details, see Enabling or disabling a policy.

It also does not indicate both HTTP and HTTPS separately. Protocol and port number used are according to your configuration in the server pool.

  • Flashing yellow-to-red or grey icon—Either:
    • No server health check is currently configured for that combination of server pool and policy
    • The server health check is currently detecting that the web server is not responsive to connections (“down”)

The method that the FortiWeb appliance uses to reroute connections to an available server varies by your configuration of Load Balancing Algorithm. For information on server health checks, see Configuring server up/down checks.

If the server health check is mistakenly detecting that your web server is “down,” but it is actually “up,” verify that you have specified the correct SSL/TLS and port number settings for the web server in the server pool. Also verify that the web server is configured to respond to the protocol configured in the server health check, and that connections are permitted by any intermediary network or host-based firewalls such as Windows Firewall.

Alternatively, to monitor the status of web servers, you can use SNMP traps. For details, see SNMP traps & queries.

Session Count

In the top pane, the Concurrent Connections and Connection/Sec columns display a count of client connections that the virtual server is maintaining.

In the bottom pane, the Concurrent Connections column displays a count of connections to server pools that contain one or more back-end servers.

In some cases, the virtual server maintains a client session even though the client is not requesting data from the back-end server. When this happens, the Concurrent Connections column in the bottom pane is 0 even though the Concurrent Connections value in the top pane indicates there are one or more current sessions.