I can't download a working setup of VS Code from the page https://code.visualstudio.com/ because Fortigate replaces a small block from the files with zero bytes.
The file comes from URL: https://az764295.vo.msecnd.net/stable/4e9361845dc28659923a300945f84731393e210d/VSCodeSetup-x64-1.26....
After download, the setup returns crc32 error. The digital signatures (file properties) says invalid certificate.
If I download the file without fortigate certificate replace (deep ssl) the file is correct.
A comparison of the two files (downloaded with and without fortigate) in a hex editor shows at Offset 0xFFE28 is a block of length 432 of zeros bytes replaced from fortigate. Range 0xFFE28 - 0xFFFD7.
This code block:
77 04 85 0B 6A 7B 8F 0C 32 F9 25 68 D7 7E BD 47
88 C0 1D 74 A6 52 EA 69 05 83 08 E3 E4 BF 03 33
77 99 F4 2A FA 4E 47 D8 DE 99 03 3D 9E 09 9C C3
E5 18 94 D2 77 95 73 01 0E E0 EA 8D B0 C3 81 1C
9E 9B 49 92 07 5C B0 F5 04 AB 96 D2 53 F9 38 99
19 D6 07 99 78 0F 7B 8E AE 0D 3F AD B2 8E 57 BA
D2 6E 08 A1 E5 55 CC 73 4B 44 A7 D8 29 03 4C 30
79 C9 6B BA EE 60 5C C0 84 B1 E3 88 84 AD 31 3C
BC 36 D6 50 D8 C2 48 C1 39 D5 7E C6 80 9D 75 B1
42 61 25 1E B5 67 AE A7 93 DC F9 52 04 BA 5E 92
44 6F 0A 15 FB EA A3 89 EF 51 9B C0 14 3D 5A 5F
E7 0D B2 32 7C 5D 13 56 13 C2 F8 F8 17 8F 29 23
07 A8 85 44 2C BB EB B4 7A 46 BB 83 D0 1B 71 E6
66 07 AB 11 D5 6E 6F A7 5A 73 7C BE 88 38 6F DC
0D 60 D7 21 A7 A1 C2 D7 B6 5D 10 61 26 78 BF 91
2A 00 21 06 20 8A 24 AB FD 09 FF 9B A9 00 81 46
7B 93 FA 67 F4 57 4A C8 38 D3 FE D6 93 CA B8 A9
D1 ED 1D E5 41 63 FE C0 AE 50 85 22 89 0B 57 A5
0A 66 D1 30 2A 52 1D C1 83 85 C3 C1 CA 91 06 DD
5C 31 EB 33 4B 60 C6 35 A6 55 ED 25 7E 46 00 5E
76 8D ED 65 EC 71 C6 09 64 B2 AB 44 08 9B 17 E6
3D F4 87 3D A3 E7 43 42 81 C0 97 3D 51 5F 33 8E
56 10 C2 17 09 48 14 9C 8F 78 80 06 DD B1 28 EE
04 36 A8 3D BC A4 9B D6 23 3B F2 0F 04 18 7F 7B
3E D7 1C 97 FE BB 4A BF D0 32 F8 22 8A 80 47 4F
DA BD 38 95 A8 9B ED BA 9F 34 94 DA FE 0A 2F C8
E0 BA 20 FD 17 96 50 DD D0 26 11 C2 A4 0B 9C 61
Is removed by fortigate by 0x00 for each byte.
Why? Fortigate eats a hole in the file?
Update:
This also happens with other downloads. e.g. Unity Asset Store. (Not all packages. Try the package "post processing stack").
It removes a shorter block by 0x00. Weird. I have no idea where's the problem.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Domvel and Wayne1,
There are 2 known corrupted issues that have been fixed in 6.0.3 which has ipsengine 4.00025 built in. Please give it a try.
Thanks.
Use the cli-cmd diag debug flow and inspect what the firewall is doing would the 1st guess. What is the firewall doing ( proxy , file inspection,etc....)
PCNSE
NSE
StrongSwan
It's the SSL Inspection. If I turn it off, it works. I can't see any logs for this issue.
In the console or CLI, can see the versions info needed to replicate the bug, type:
get system status
diagnose autoupdate versions
Also the matching firewall policy and the utm profiles enabled for the affected traffic.
Did a quick test on the latest FOS v6 and md5sum of ssl deep inspection enabled/disabled are the same.
Same problems here with 6.0.2. It happens only with Full SSL Inspection profile.
Hi Domvel and Wayne1,
There are 2 known corrupted issues that have been fixed in 6.0.3 which has ipsengine 4.00025 built in. Please give it a try.
Thanks.
Hi hop_FTNT
Thanx for the tip, after updating to 6.0.3 the problem is solved.
Regards
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1690 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.