80C - Enabling SSL Inspection?

iosman123 · ‎11-10-2019

Hello, Hey everyone, Currently attempting to enable SSL inspection/MITM on a 80C and it doesn't seem to be working.[ul]

I have a single FW rule for the outgoing NAT traffic.

I don't see the FGT certificate being presented to hosts browsing HTTPS sites behind the FW. I am seeing the traffic hitting the correct policy.

It doesn't have a license. It's just for testing stuff in a lab.

Running v5.6.3 build1547 (GA)[/ul]Is the SSL inspection feature behind the paid license? Anything else I could try to properly tshoot this? Let me know if there is anything else I can provide. thanks iosman _____________________ videoder online notepad 0x80070490

jmezo · ‎11-22-2019

How are you pushing the SSL certificate to your clients? Have you tried manually installing the certificate on a client and then see if it works? I push mine through Group Policy for my Windows machines and through Google Admin to my student chromebooks.

emnoc · ‎11-22-2019

Without seeing your cfg, it would be hard to determine what the issue(s) are. I wrote this article a few years back on SSL decryption and Fortios http://socpuppet.blogspot.com/2018/05/av-with-https-inspection-fortios.html Follow that and see what could be the issues Ken Felix

PCNSE

NSE

StrongSwan

80C - Enabling SSL Inspection?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website