Unable to use SSL Inspection on NGFW Policy mode

Forum|Forum|6 years ago
August 20, 2019
0 replies
1509 views

Hi All,

Apologies ahead for my English as it not my native language.

We run on our LAN Fortigate 3000D with 6.0.4 OS, NGFW Policy mode inspection.

I want to apply SSL Inspection on Internet traffic on different ports, decrypt SSL on port 8080 towards our Proxy server and Decrypt SSL on port 443 for direct internet access.

I have configured different SSL-Inspection profiles for different ports and different certificates for each, however, when i went to apply a profile to some test policy the ssl-inspection bar is grey out.

Some point -

[ul]

Use multiple security profiles enabled under feature visibility.

When you pick NGFW policy mode on 6.0 you have to pick some default ssl-inspection profile, which i did for simple certificate inspection.

On YouTube i found some video made by Guru where i saw that different inspection profiles is an option on NGFW policy mode and there is no only one default profile for all my traffic. [link]https://www.youtube.com/watch?v=4rbcr5DcjKY[/link]3

Didnt find any option under CLI which enable or disable use of multiple ssl-profiles.[/ul]

I have opened a TAC ticket but no answer yet so i turn to public help, does anyone faced same issue and were able to fix it?

Thanks for any help,

Alexey

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded