Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Jijoy
New Contributor II

Banking website - Page Not found

Hello, I have a major problem. I have many offices in UAE on FGT60B Firmware: 3.00-b0737(MR7 Patch3). When I try to logon to a major international bank website and go into their online banking page, IE gives me a page not found error. I can reach their main page but as soon as I click Log On the I get " Page not Found" error. I tried from home and I can access the page without any problems or time out. Also I can also access the page from office, if protection profile is switched off. I do not think its IE problems as the same users who have difficulty accesssing online banking from office can do the same from home using the same laptop. Please HELP!!!!!!!!!!!! Regards J
23 REPLIES 23
abelio

ORIGINAL: hidayet Maybe upgrade version works
Hummm.. do you really think that? Jijoy didn´t post yet his logs output. Likely there we could get the exact cause of the issue. We don´t know yet if there´s a protection profile problem or not. IE´s generic error page is a very poor tool to trace a problem, don´t you agree? regards

regards




/ Abel

regards / Abel
billp
Contributor

Abel, Agreed that IE has terrible diagnostic messages. In cases like this, I recommend using Chrome to find out the exact error being thrown. It gives much better error reporting than IE.

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
Jijoy
New Contributor II

Hidayet, Abelio, Billp, Some more findings. hsbc.ae works using firefox. But hsbc bank only supports IE for any bank transaction, so I cannot tell my users to switch to firefox because many of their transactions would never work. I have a 40 meg line, so speed is not an issue. What logs do you want? I am not an expert, so if you guys could further help me resolve this problem, I would really appreciate. Regards J
abelio

What logs do you want? I am not an expert, so if you guys could further help me resolve this problem, I would really appreciate.
Assuming you' re applying a protection profile to that policy, that profile has log settings; wherever you log your firewall activity (memory, analyzer, syslog, webtrends) you could check logs to see if that a webfilter error, av error or any else. BTW, in your shoes, the first thing i' ll try would be: - define a firewall policy with destination www.hsbc.ae on top of your navigation policies with no protection profile. - test again; if everything is working, then some of the several settings of your prior protection profile is triggering the issue. then you' ve to find which is, dissecting your profile properly and re-testing.

regards




/ Abel

regards / Abel
billp
Contributor

Jijoy, If you try Chrome (you don' t need to switch to this permanently), it might give you a more specific error. Generally, Chrome reports the specific error directly on the screen -- I think you might need to click a " +" symbol next to the error -- can' t be certain. It' s worth a try just to debug this. Just for fun, I tried visiting www.hsbc.ae using Chrome, Firefox, and IE 8. I didn' t have any problems going to the login page. I' m not using 3 MR7 Patch 3, though. You might try creating a firewall policy exception just for this particular address. It' s not an ideal solution, but might help you troubleshoot this further. Create an FQDN Address for www.hsbc.ae in the Firewall menu. Then create a new policy at the top of your policy list that passes all traffic to that address without filtering it with UTM features. If that works, you can slowly add UTM features until you figure out the area that' s causing the problem.

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
Jijoy
New Contributor II

Hello Abel and Bill, I created a policy for hsbc.ae without any firewall and still have the same error. I tried with Chrome and I can access the page without any errors. Also on IE8 when i click on diagnose problem on IE, the page automatically loads. Thanks, J
discoveryit
New Contributor

Your not using Application Control are you? If it for some reason see' s this site as a bad site it will look like this when it blocks.
FCNSP
FCNSP
discoveryit
New Contributor

Also... there was an error with a switch from http to https or something like that.. this happened even if you had a blank profile with no blocking. it was a problem in a previous firmware i ran ... cant remember which one. try upgrading to a new firmware.. or you could make a policy that allows your site out before your other outbound policy.
FCNSP
FCNSP
SECCON1MC
New Contributor

What type of internet connection do you have? Do you have problems with any other https websites? This could be related to your provider' s router fragmenting packets. You may need to lower your tcp-mss for that interface/policy.
[link=http://logMojo.com]logMojo[/link] by Security Confidence Cloud Based - Logging ● Alerting ● Reporting ● Monitoring ● Management Signup today!
[link=http://logMojo.com]logMojo[/link] by Security Confidence Cloud Based - Logging ● Alerting ● Reporting ● Monitoring ● Management Signup today!
discoveryit
New Contributor

not sure if this is the error. but this is a bug fix with MR7 patch 4 2.7 Web Filter Description: When FortiGuard webfiltering is enabled and some HTTPS websites are accessed, instead of showing the FortiGuard block page an " Data Transfer Interrupted" error page is displayed. Models Affected: All Bug ID: 84099 Status: Fixed in MR7 – Patch Release 4.
FCNSP
FCNSP
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors