Hi,
We recently upgraded 6.0.10 to 6.2.5 and since then we are experiencing issues with some websites (ex: cnn.com) in proxy mode. If I switch to flow mode in the policy related to that traffic then it works. I switch all internet related policies to flow mode but that's not the best for the long run.
Anyone else having proxy mode issues? What do you do? Downgrade to another version? What about 6.4?
Thank you,
Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6
FortiAnalyzer, ForticlientEMS
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
it is a known bug:
588661 Customer had issue accessing the HTTPS website after enabling the proxy web filter.
658654 Cannot access the specific website using proxy-based UTM with certification inspection.
I assume it will be fixed in 6.2.6.
Jirka
I recently upgraded from 6.0.9 to 6.2.5 and am having a similar issue. When I enable any of the filters in the policy, a multitude of websites are not accessible. I have not tried switching to flow mode, but agree that is not the answer.
I have thought about downgrading to 6.2.4. Any suggestions would be appreciated.
UP!
I have the same problem with 02 FortiGate 60E
6.2.6 is now available. The two bugs are on the fixed list.
I switched some https with web filtering policies to flow mode and once in a while users get a certificate error. I believe this is a known issue too?
Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6
FortiAnalyzer, ForticlientEMS
Hi Mike.
I had the issue with certain web site access in 6.2.5 using proxy mode.
I switched to flow mode and then had the certificate issues. Refreshing the browser page brought up the site no problem without having to accept an un-trusted certificate.
Upgrading to 6.2.6 fixed these problems... but then introduced the IKE process crash issues, so I had to revert.
Fortinet have just released 6.2.7, which I have upgraded to in a test environment... and all three issues appear to have been fixed.
Regards, Phil.
We are still experiencing flow mode issues in 6.2.7. We can't reproduce the proxy issue so far in 6.2.7 but we still had issues in 6.2.6. The IKE issue is fixed so far in 6.2.7 after 4 days.
Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6
FortiAnalyzer, ForticlientEMS
Ah, okay. I've just checked and my test FortiGate is doing deep inspection, rather than certificate inspection. Maybe that's why I've not seen an issue.
I'll change to certificate inspection and test again.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.