Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fahadahmed
New Contributor

BYOD Users

Hello,

 

For Internal users which are already joined to Domain we can create policies with SSL Inspection and DPI. How about BYOD Users ?

 

How can we apply DPI SSL Inspection for BYOD users ?

2 REPLIES 2
MikePruett
Valued Contributor

You need to install the cert manually for them. 

Mike Pruett Fortinet GURU | Fortinet Training Videos
hmtay_FTNT
Staff
Staff

Hello,

 

Mike is correct that you would need to install the certificate manually for them if you are using a self-signed SSL Certificate (like the default FortiGate's one).

 

If you would like to do deep-inspection without installing a certificate manually, you need to get a properly signed SSL Certificate by an authorized Certificate Authority (CA). This will allow the BYOD devices to build a proper chain of trust to the Root CA. Once you get a properly signed SSL Certificate, import the private key and the Certificate to the FortiGate. You would not need to manually install the certificate in any BYOD devices this way.   

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors