We have recently started using FortiPAM 1.5 and are experiencing some challenges.
We have a SCADA system for video, which is based on MediaMTX with three video servers.
The issue is that when I create a "web account" target with the associated secret, I am able to log in to the SCADA website itself.
However, the video is opened directly from my PC to the video servers. This traffic needs to go through the proxy, just like the SCADA website.
I have tested various things, including adding the IP addresses of the video servers to the Domain list IP mask list on the target.
This has not helped. FortiPAM does have access to all the video servers over the local network.
What needs to be done to make this work?
Hello sandtor,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello,
We are still looking for an answer to your question.
We will come back to you ASAP.
Thanks,
Hello!
I found this Solution. Can you tell me if it helps, please?
To ensure that the video traffic is routed through the proxy, similar to the SCADA website, follow these steps:
If the issue persists, further investigation into the network configuration and proxy settings may be required.
Hi
Thnx for the desciption on how to do this. As you can see under I have changed from IP to FQDN. FortiPAM can ping using the FQDN. In the policy I have changed the allowed services to ALL. But as you can see in the last image, the video traffic is still going from the client IP and is not proxied through FortiPAM.
10.161.0.55 is the client IP that I'm using to login to FortiPAM.
10.160.16.53 is one of the video servers.
User | Count |
---|---|
2548 | |
1354 | |
795 | |
646 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.