Description | This article describes the it is not possible to SSL inspection from certificate inspection to no-inspection from 6.2.0 if the security profiles are enabled. |
Scope |
|
Solution |
In the Security Profiles section, if no security profiles are enabled, the default SSL Inspection is no-inspection.
In the Security Profiles section, if any security profile is enable, the SSL Inspection changes to certificate-inspection.
In order to change from certificate-inspection to no-inspection, it is necessary to disable the security profiles in the policy.
To change the SSL-SSH -profile to no-inspection from the CLI first disable all the security profiles and then set SSL-SSH-profile to no-inspection.
FortiGate-101E (root) # config firewall policy FortiGate-101E (policy) edit 1 FortiGate-101E (1) set utm-status disable FortiGate-101E (1) set ssl-ssh-profile no-inspection |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.