Hello!
Starting today, we're seeing multiple issues with the SSL DPI breaking quite a few applications in the org, that were working fine as of last week.
I'm having trouble locating any logs or details as to what or why this is occurring.
Some examples are.
And other applications, such as browser add ons and such.
Disable SSL DPI fixes the issue immediately.
Logs are empty
Cert is still valid
Disable security controls individually does nothing
Does anyone have any thoughts, or some additional troubleshooting methods I can take?
We have here the same problem!!! 100F 7.0.14, today updated to 7.0.15 - problem persists!
We had to change the inspectionmode to flow-based and work only with certificate inspection!
I by default have inspection mode set to Flow based. It seemed to logically be the better choice when reading documentation. We too are on cert inspection only at this point till the issue is resolved.
Are you using Proxy based mode on Firewall policy. Please check that Forti guard server is reachable from the Firewall properly
Flow-based mode.
Fortiguard is reachable, and filtering services availability is up before & after test connection.
Hi
What is the result if you enable DPI and allow all applications?
Any form of DPI enabled breaks. For example. DPI & AV (with applications feature being turned off).
Hi,
we also have this problem with some users who use the explicit proxy. Naturally, this cannot be switched to flow mode. Disabling certificate inspection alone does not help. Disabling all NGFW features (antivirus, WAF etc.) does not help either! So - No workaround for this users! FW: 100F with 7.0.15, Location Germany
Yeah, no luck there. No indication of any issues.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.