anoushiravan
Staff
Article Id 244152
Description

This article describes a warning message that might be seen after a firmware upgrade (from v6.4.x) on firewall policies on which a UTM profile has been enabled.

 

This policy has the following issues:
'The no-inspection profile doesn't perform SSL inspection, so it shouldn't be selected with other UTM profiles'.

 


Scope

FortiGate.

Solution

The above warning message relates to the SSL inspection profile named 'no-inspection', which is newly available in the latest firmware patches. The warning does not affect network traffic.

To resolve the warning message, re-enable the UTM profiles on the firewall policy via the GUI.

 

Note that the warning message applies only when the SSL inspection profile 'no-inspection' is used.

Any other created profile that produces the same outcome, i.e. no inspection, will not generate the warning. This is a design choice so that 'newer' security admins do not assume the default profile 'no-inspection' works in tandem with other UTM profiles for encrypted traffic.

The assumption is that a security admin who has created their own profile understands its impact on the different types of traffic.
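
To list the policies this warning concerns after an upgrade, a configuration backup can be audited offline. The script below is an added example, not Fortinet code: it assumes the warning condition is the literal profile name 'no-inspection' combined with at least one UTM profile setting, checks only a subset of profile settings, and runs on a constructed sample config with flat policy entries.

```python
import re

# Policy settings that attach a UTM profile (assumed subset; extend as needed).
UTM_KEYS = ("av-profile", "webfilter-profile", "ips-sensor", "application-list")

# Constructed sample in FortiOS CLI config format, not taken from a real device.
SAMPLE_CONFIG = '''\
config firewall policy
    edit 1
        set name "lan-to-wan"
        set ssl-ssh-profile "no-inspection"
        set av-profile "default"
        set webfilter-profile "default"
    next
    edit 2
        set name "mgmt"
        set ssl-ssh-profile "no-inspection"
    next
    edit 3
        set name "custom"
        set ssl-ssh-profile "my-no-inspect"
        set ips-sensor "default"
    next
end
'''

def parse_policies(text):
    """Return {policy_id: {setting: value}} from the 'config firewall policy' table."""
    policies, current, in_table = {}, None, False
    for line in map(str.strip, text.splitlines()):
        if line == "config firewall policy":
            in_table = True
        elif line == "end" and current is None:
            in_table = False
        elif in_table and line.startswith("edit "):
            current = policies.setdefault(int(line.split()[1]), {})
        elif line == "next":
            current = None
        elif current is not None and (m := re.match(r"set (\S+) (.+)", line)):
            current[m.group(1)] = m.group(2).strip('"')
    return policies

def flag_no_inspection_with_utm(text):
    """List (id, name, utm settings) for policies pairing 'no-inspection' with UTM."""
    hits = []
    for pid, cfg in sorted(parse_policies(text).items()):
        utm = [k for k in UTM_KEYS if k in cfg]
        if cfg.get("ssl-ssh-profile") == "no-inspection" and utm:
            hits.append((pid, cfg.get("name", ""), utm))
    return hits
```

On the sample, only policy 1 is reported: policy 2 uses 'no-inspection' without UTM profiles, and policy 3 uses a custom profile, which the article says does not trigger the warning.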

 

Related documents:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-disable-SSL-Inspection/ta-p/190691

https://docs.fortinet.com/document/fortigate/6.2.12/cookbook/929997/ssl-inspection