Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Daagvandermeer
New Contributor III

Created on ‎03-24-2025 02:19 AM

FG - Block ALL internet except DNS https://vbr.butler.veeam.com/

Is there a way to Block all Internet traffic except Veeam Malware detection URL?

The DNS is changing every time (IP's) so based on IPaddress Its not working always.

And I also created a DNS filter 

 
 

image.png

But I see still traffic to others based on IP (I think)

 

Is there another way to fix this?

 

Kind regards

Daag

Labels:
363
0 Kudos
2 Solutions
AEK
SuperUser
SuperUser

Created on ‎03-28-2025 06:43 AM

Are you using deep inspection? If so then it seems the internal server is not trusting the signing CA on FG.

 
AEK

View solution in original post

AEK
218
Daagvandermeer
New Contributor III

Created on ‎03-28-2025 06:52 AM

Thanks, I changed the SSL inspection to No Inspection. And that fixed it.
image.png

View solution in original post

211
0 Kudos
12 REPLIES 12
Daagvandermeer
New Contributor III

Created on ‎03-28-2025 06:52 AM

Thanks, I changed the SSL inspection to No Inspection. And that fixed it.
image.png

212
0 Kudos
AEK
SuperUser
SuperUser
In response to Daagvandermeer

Created on ‎03-28-2025 06:53 AM

You need to set it to "Certificate Inspection", not "no-inspection".

AEK
AEK
70
Daagvandermeer
New Contributor III
In response to AEK

Created on ‎03-28-2025 06:55 AM

Then its not working.

65
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.