Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
unknown1020
New Contributor III

Cannot access internet pages - FortiGate

Good morning friends, I need your help.

 

I am having problems accessing different web pages that I used to access normally and today I have had those problems.

 

When I try to access a web page, the following message is generated (see image), the strange thing is that after several minutes it is possible to enter the page, however after another minutes or hours. the same message from the image returns. In short, the problem is intermittent.

 

The connection is not private

Attackers may be trying to steal your xxxxxx.com information (for example, passwords, messages, or credit cards).

NET::ERR_CERT_AUTHORITY_INVALID

 

 

The policy I am in has all security profiles enabled including the ssl certificate inspection.

 

Checking the firewall, I noticed that the fortiguard servers were down and the following red message "Unable to connect to FortiGuard servers" was displayed. Additionally, the firewall used fortiguard DNS.

 

Could you tell me if my problem accessing the website (see image) is due to the fortiguard servers being down? Keep in mind that in my web filter profiles I already had the 'Allow Websites When a Rating Error Occurs' option enabled for a long time.

 

Seeing that the fortiguard servers were down, I changed the DNS of my ISP provider but the problem with accessing the page continued.

 

Could you please help me, since the problem is intermittent, for minutes or hours the pages can be accessed then the message in the image appears. Then it is fixed and again you cannot access web pages.

 

3 REPLIES 3
achu
Staff
Staff

Hi @unknown1020,

 

Please check the article below for troubleshooting "Unable to connect to FortiGuard servers" error. 

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Unable-to-connect-to-FortiGuard-serv...

 

Can you share your fortiguard and dns config? 

 

show full system fortiguard

show full system dns

 

hbac
Staff
Staff

Hi @unknown1020,

 

We had issues with our FortiGuard servers yesterday and it was fixed. Everything should be working now. 

 

Regards, 

mann_brenner
New Contributor

The intermittent access issues and "NET::ERR_CERT_AUTHORITY_INVALID" messages are likely due to the FortiGuard servers being down. Your firewall's security profiles, including SSL certificate inspection, depend on FortiGuard's services for validation. Changing DNS to your ISP didn't help because the firewall still relies on FortiGuard. Monitoring FortiGuard's status or contacting support for updates could resolve the problem.

I found the solution from https://certera.com/kb/how-to-fix-net-err_cert_authority_invalid-error-in-chrome/ and got it solved. I hope this will work well for you.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors