ncrealteit
New Member
April 9, 2019
Question

Send logs to FortiAnalyzer - disable SSL encryption not possible in 6.0.4?

  • April 9, 2019
  • 1 reply
  • 5226 views

We are using FortiGates on a satellite connection, and in order to optimize we are using the built-in WAN optimization. In order to WAN-optimize the FortiAnalyzer traffic, the source interface is set to the LAN IP on the FortiGate, and it would be nice to remove SSL encryption in order to optimize.

I have not been able to disable encryption in 6.0.4. In the GUI, if I try to disable it, it is on again after loading the settings, and in the CLI (enc-algorithm) it is only possible to select between high-medium, high and low; it is not possible to disable.

Does anyone have information that could help me solve this issue?

    1 reply

    chall_FTNT
    Staff
    April 9, 2019

    Per Mantis 491465, starting in FortiOS 6.0.3, the ability to disable SSL for OFTP has been disabled for vulnerability reasons.  If you need to send logs without encryption, disable the reliable option which causes logs to be sent via UDP instead.

    ncrealteit
    New Member
    April 10, 2019
    Hi Per, thank you for the clarification, but using UDP would not make it possible to WAN-optimize the traffic through the FortiGate :o(