Skip to main content
Stephan_s
Stephan_s
Visitor III
April 5, 2024
Question

ZTNA : Traffic denied because of mismatch HTTP host

  • April 5, 2024
  • 2 replies
  • 2234 views

Dear all,

from time to time I get complaints about not working ZTNA provided Websites. It mostly affects onSite users only and the corresponding Error message in the ZTNA Traffic - log is like that:

 

Traffic denied because of mismatch HTTP host:[URL] with vhost(name/hostname:[access-proxy-virtual-host]/[URL])

The [Brackets] were placed by me to hide internal information. The URLs are identical and the access-proxy-virtual-host is existing.
After a while its working again by itself. I got the feeling that its maybe always happening if I do configuration changes on the firewall. But today I worked on IPSec and SSL VPN which should not be related to ZTNA. So maybe its connected, maybe not.

 

Did someone have the same issue and has an idea how to fix it?

 

best stephan

2 replies

Stephan_s
Stephan_sAuthor
Visitor III
April 5, 2024

Additional Information:
Fortigate 200E with version 7.2.7

paulistic
Staff
paulistic
Staff
May 14, 2024

I face the same problem on 7.4.3 and a Mac client. Have created a ticket for it.

    Stephan_s
    Stephan_sAuthor
    Visitor III
    May 14, 2024

    Thank you. Please let me know what the outcome is.

    Terms & ConditionsAccessibility statement