Dear All,
We want to implement FORTIGATE-AWS GWLB.
This is our reference.
https://aws.amazon.com/blogs/apn/centralized-traffic-inspection-with-gateway-load-balancer-on-aws/
But we are having an issue with HTTPS SSL blocking with probe cert failed, for both IN and OUT HTTPS traffic to/from the Internet.
The issue will happen when:
1. If the policy uses flow-based mode, UTM with av+ips+ssl-inspection, the traffic is not blocked by SSL.
2. If the policy uses proxy-based mode, UTM with av+ips+ssl-inspection, the traffic is blocked by SSL.
3. If the policy uses proxy-based mode, UTM with ssl-inspection only (no av, no ips), the traffic is blocked by SSL.
Already using cert-probe-failed ALLOW
According to this reference
Now it is not blocking SSL, but... the HTTPS traffic IN and OUT, from/to the Internet, is slow and does not behave like normal traffic when we test using curl from an EC2 Amazon Linux instance.
Is anyone having the same issue?
How to resolve this?
This is what happens when using
a policy in proxy-based mode, UTM with av+ips+ssl-inspection, the traffic is blocked by SSL
at VPC A, of EC2
can anyone help? Please...