I've got a 60D running 5.6. I'm trying to enable some simple IPS rules like RDP brute force, FTP brute force, etc. Enabling the IPS on a policy requires adding SSL Inspection to the same policy. While I don't mind cert inspection, I don't want to do deep inspection. Granted, I'm not routing traffic through a MITM proxy on the Fortigate, all of the "deep-inspection" settings are on but entirely greyed out. I can't for the life of me figure out how do adjust any of these settings.
Any advice? Image attached.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
JFYI, I've somewhat circumvented this by enabling "Mutliple Security Policies" which now at least allows me to create separate SSL inspection policies and enable them on each policy accordingly.
Hello Brian,
What you did was correct. You were trying to modify the default "deep-inspection" profile which is not allowed now in 5.6. To create a different one, you need to allow "Multiple security profiles" and create a new one.
As for the question of the Fortigate forcing an SSL-Inspection profile on a policy, if you select certificate-inspection, the Fortigate is not doing a MiTM. It is only scanning the hostname.
Homing
I don't see how creating a second SSL-Inspection profile allows me to turn off that feature. It allows me to change some traits but I still can't disable it completely.
In case you are wondering how to turn on "Multiple security profiles":
System > Feature Visibility > Multiple Security Profiles
Jerry
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1710 | |
1093 | |
752 | |
446 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.