This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.
Hi,
my fortigate 60D is blocking one of our software updates.
I can update if no device and I already do the reset, even allowing all traffic policy just to test.
any idea?
PS: not also sure what port the software is using.
Thanks!
Hanivar
If you are allowing all traffic and still the update is being blocked.
You might try to select inspect all port inside the ssl inspection profile (If you are using ssl inspection)
Rony Moussa
NSE Certified : Level 8
Unfortunately, the description is quite vague.
If you cannot find any messages in the Log&Report section, there are 2 further UTMs which drop traffic:
- botnet blacklist
- Application control
The "block botnet C&C address" feature can be enabled in the interface setup ('wan1' for example) or in the policy allowing internet access. If you disable this the blacklist will not be effective anymore.
For AppControl, the category 'Malicious Websites' is always enabled regardless of other user-chosen categories. For testing, disable any UTM feature in the policy 'lan' -> 'wan1', like AV, IPS, AC, WF or SSL inspection.
The real question is if this is wise - the FGT nearly never produces false positives in my experience. The source of your sw update might well be compromised.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.