FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
AlexC-FTNT
Staff
Staff
Article Id 201731
Description

This article describes a possible solution to this error.

Scope

FortiProxy, FortiGate.

Solution

As visible in this article, the message received is most probably generated if the Proxy (FortiProxy or FortiGate) either did not receive a DNS response for the host-name or the response it received was not good (not reachable/not understandable etc).

 

So the default action it takes is to inform the client (showing this message).

 

In most cases, a simple reload of the page works – possibly because the second response from the server is ok, or a different server is replying.

 

A simple change can fix this default behavior and improve the browsing experience:

 

FortiGate:

 

config web-proxy explicit

    set message-upon-server-error disable <- Default is 'enable'.

end 

 

FortiProxy:

 

config web-proxy global

    set message-upon-server-error disable <- Default is 'enable'.

end 

 

This change means the error is not shown to the client and allows the browser to retry the connection to the website.

Sometimes this is all that is needed.

However, there is no notification shown in case another problem occurs. 

 

Additional note:

Note that this option will not be shown in 'show full-configuration' unless the status is enabled:

 

config web-proxy explicit

show full

config web-proxy explicit
    set status enable <-