do you have someone idea, how to insert HTTP header extension into TLS client hello packet?
What I exactly want...
I need add HTTP header extension server_name, exactly same like on screenshot from wireshark.
I have proxy policy, where is used proxy profile:
config firewall proxy-policy
edit 1 set uuid 55ba9284-33f9-51eb-8102-0009101ff954 set proxy explicit-web set dstintf "virtual-wan-link" set srcaddr "192.168.0.0/16" set dstaddr "api.mygls.cz" set service "webproxy" set action accept set schedule "always" set webproxy-profile "proxy-profile" next end config web-proxy profile edit "proxy-profile" set header-via-request add set log-header-change enable config headers edit 1 set name "SNI" set add-option append set content "server_name api.mygls.cz" next end next end
But this settings not works.
Do you have idea, how to set "set content" under web profile header?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.