7.0.4 - break Proxy inspection

Forum|Forum|4 years ago
January 28, 2022
21 replies
36111 views

Hello,

yesterday I upgraded FG200E to version 7.0.4.

In the previous version 7.0.1 I used proxy inspection + SSL deep inspection (certificate signed from AD). After the update (7.0.1 -> 7.0.3 -> 7.0.4) all policies in Proxy mode stopped working. Each browser returned an "err_ssl_protocol_error" error, but eg IMAPS, SMTPS worked well.
Once I've adjusted the Policy to flow (and all UTMs), everything works.

There wasn't much time to find out why it behaves like this, I'll continue this weekend.

Has anyone tried to deploy 7.0.4?

Jirka

FortiGate

Show previous replies

unsecur3d

Visitor III

hey, just in case anyone is still going through this.. I narrowed this down to a protocol options setting. I have not yet determined specifically which one, but if i switch it from my custom one used for proxy a/v to a custom ports allowed configuration, proxy mode deep inspection works with any profile.

So something in there breaks it.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded