I used foritgate 1101E in china we all used forticlient
the chinese network can't access google play store ,but we have mpls vpn line to outside china through SSL-VPN to access google play store .
android phone still can't to access google play store after conecting to ssl vpn
ForiTac: the traffic of android.clients.google.com is forwarded from the local network when conecting to a tunnel ssl vpn
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Created on 04-03-2022 03:55 PM
Hello miHoYo,,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Fortinet Community Team
Hello,
Do you have a ticket opened for the issue with Fortinet TAC?
Google Playstore does a thing called "Certificate Pinning" which pins the public key of their SSL Certificate to the application itself. The application will do a check on the certificate and if it sees that Fortigate has resigned the original certificate, it will break the session. That is the reason it does not work. We usually have a list of domains we exempt in the SSL Certificate sensor which we know has been known to be used by applications that have Certificate Pinning.
As per a few of the other customers
Fixed the issue. by adding *.googlevideo.com in the Certificate Name. Have to add it to the exempted addresses (by creating a new wildcard address) and it should work.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.