|
After upgrading to FortiOS 7.2.6 or 7.4.1, if the 'ssl-mode' of the Virtual Servers configuration is set to 'full', the Virtual Servers may not work properly. Below is an example where Virtual Servers are configured with 'ssl-mode full':
config firewall vip
edit <VIP_name>
set uuid <ID_of_UUID>
set type server-load-balance
set server-type https
set extip <IP_address>
set extintf "any"
set http-ip-header enable
set monitor <Name_of_the_health_check_monitor>
set color 9
set ldb-method least-session
set persistence http-cookie
set extport 443
config realservers
edit 1
set ip <IP_address>
set port 443
next
edit 2
set ip <IP_address>
set port 443
next
edit 3
set ip <IP_address>
set port 443
next
end
set http-multiplex enable
set ssl-mode full
set ssl-certificate <Certificate_name>
next
end
In order to fix the issue, execute the following commands on the Virtual Servers which are not working properly:
config firewall vip
edit <VIP_name>
set server-type ssl
next
end
After executing the above commands, the issue with Virtual Servers should not be present anymore.
|
