Hi, i cant get access by https GUI administration, but i can by http. i try with many browsers. Maybe is and SSL error with the certificate, i dont know.
I check the access configuration:
#config sys int
edit "port2"
set vdom "root"
set allowaccess ping https ssh http fgfm
set type physical
set alias "Inside"
set snmp-index 2
#config sys admin
edit "sgermano"
set remote-auth disable
set peer-auth disable
set trusthost1 0.0.0.0 0.0.0.0
Thanks!!
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Trying searching in config sys global for the following line
set admin-https-ssl-versions tlsv1-1 tlsv1-2
eg
FGT100DSOCPUPPY01 (global) # show full sys global | grep ssl-versions set admin-https-ssl-versions tlsv1-1 tlsv1-2
Probably your browser is older or you have a TLS/SSL negotiation issue due the configured version(s).
Ken
PCNSE
NSE
StrongSwan
This is an error most likely caused by your client.
Enable TLS1-1.1-1.2 (and turn off SSL v2/3!) in the advanced settings in Internet Explorer. These settings are used by Chrome also as far as I know.
In Firefox, browse to the page "about:config" and check that "security.tls.version.min" is set to 1.
Restart your browsers and try again.
Richie
NSE7
Trying searching in config sys global for the following line
set admin-https-ssl-versions tlsv1-1 tlsv1-2
eg
FGT100DSOCPUPPY01 (global) # show full sys global | grep ssl-versions set admin-https-ssl-versions tlsv1-1 tlsv1-2
Probably your browser is older or you have a TLS/SSL negotiation issue due the configured version(s).
Ken
PCNSE
NSE
StrongSwan
Hi emnoc, exist that line on the global config:
# show full | grep "set admin-https-ssl-versions" set admin-https-ssl-versions tlsv1-1 tlsv1-2
I use the same browser on other Fortigate device and work ok.
Thanks.
This is an error most likely caused by your client.
Enable TLS1-1.1-1.2 (and turn off SSL v2/3!) in the advanced settings in Internet Explorer. These settings are used by Chrome also as far as I know.
In Firefox, browse to the page "about:config" and check that "security.tls.version.min" is set to 1.
Restart your browsers and try again.
Richie
NSE7
Hi kallbrand, security.tls.version.min is set already to 1.
if i change the security.tls.version.max would be risky, because i use this browser for all.
Thanks.
Hi again, also if i try to get access by ssh, return this message:
ssh user@x.x.x.x
ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits
key_verify failed for server_host_key
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.