Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kaleemanwar
New Contributor II

Created on ‎11-20-2024 02:02 AM

Enforce FPX to use specific TLS 1.2 version when connecting to Origin server

We are encountering an issue with FPX where the Palo Alto firewall attempts to retrieve updates via FPX, but the connection is randomly refused.

Upon analyzing the packet capture from FPX during the issue, we observed that FPX uses TLS 1.0 to communicate with the Palo Alto update server, causing the connection to fail. However, when FPX uses TLS 1.2, the connection is successful.


Is there any option to enforce FPX to use TLS 1.2 for communication with the Palo Alto update server in a specific policy or profile?

Kaleem
Kaleem
229
0 Kudos
1 REPLY 1
jgillies01
Staff
Staff

Created on ‎11-22-2024 05:05 AM

Hi,

 

Please note that this request will be sent to Fortinet Global Community platform to draw more visibility.

If this has already been solved, can you please mark it as "Solved"

Please contact your local EPSP PM for any concern

 

Thank you

Joanne

Joanne Gillies
219
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.