Technical Tip: Analyzing Website Access issue with HAR Log Tools

acvaldez · ‎07-17-2024

Description

This article describes how to use the HAR log to further check which destination address to focus on when encountering a website access issue.

Scope

FortiGate.

Solution

Diagram:

Sample Scenario:

This capture was taken in a lab environment just to show how to maximize the HAR log tool to see which IP to focus on in website access issues.

Test machine (IP: 10.118.4.202) is experiencing slowness when accessing CoinMarketCap, while other websites (e.g., Google, YouTube) are working fine. Here is the approach to diagnose and resolve this issue:

Open Chrome Developer Tools:

Navigate to the Network tab:

Ensure the Domain column is visible:

Check the HAR log for unsuccessful traffic when the issue occurs.

Analysis:

From the HAR log, a JavaScript file from the domain cdn.cookielaw.org failed to load:

Ping the domain cdn.cookielaw.org to obtain its IP address:

ping cdscookiesorg.png

Filter this IP address in FortiGate to observe how it is being handled:

fortigate log.png

Resolution:

In the lab FortiGate, filtering logs using the IP [104.19.177.52] showed that traffic to this IP was being blocked.
Creat a policy in FortiGate to allow traffic to this IP.
After implementing the policy, CoinMarketCap started working without any issues.

Technical Tip: Analyzing Website Access issue with HAR Log Tools

You are leaving our website