I have such problem that fortigate is blocking bing.com website, on all web browsers I have error:
I have added bing to SSL scan exemptions but this didn't resolved this issue.
When I enter on bing.com I have warning that this connection is not secure and on the website certificate properties I see something like:
Can you try clearing the SDNS cache and then check again?
diagnose test application dnsproxy 16
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
Fortigate # diagnose test application dnsproxy 16worker idx: 0
The problem still exist.
Hello @Tutek ,
Hope you are doing well.Please check below articles on fortiguard SDNS webfilter cache and let us know if it helps.Troubleshooting Tip: Verify the webfilter cache co... - Fortinet Community
Also you can try following below article.Technical Tip: Changes in SDNS and Webfilter looku... - Fortinet CommunityBR
We had a similar issue with bing. We had to disable the OCSP responder: Settings---->Privacy and Security----->Query OCSP responder servers to confirm the current validity of certificates, untick it
Thank you for posting to the Fortinet Community Forum.
Problem Description:-Fortigate is blocking bing.com
Are you using dns filter on the policy.Have you allowed the website both from webfilter and dnsfilter?Are you seeing anything on webfilter/dns filter logs.
For testing purpose please create a new policy for one src IP without dnsfilter/webfilter and keep it on top. Does it work?
Let us know if this helps.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.