Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Emaborsa
New Contributor

Created on ‎08-28-2023 05:23 AM Edited on ‎08-28-2023 05:53 AM

Fortinet blocking git

We have been working with git for years, two months ago we noticed that were not been able to use the git commands anymore:

 

git pull

git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

 

 

In the beginning we tought the problem were the credentials, after many tests we realized that it must be something in the firewall, because:

  • Inside our LAN covered by the Fortinet Firewall, we get this error
  • Inside out LAN covered by the firewall setting a rule ACCEPT ALL (all open), same error
  • Using git inside the WSL installed on the same machines, works
  • Using a WIFI not covered by the firewall, works
  • Using the tethering of a random phone, works
  • Using a LAN not covered by the firewall, works

We tested different git versions: 2.41.0.windows.3, 2.32.0.windows.2, 2.33.0.windows.2 and we got the same results.

 

We don't know what further tests can be done in order to find the problem and can't find any log entry.

 

Any suggestions would be highly appreciated

Labels:
607
1 Solution
Emaborsa
New Contributor

Created on ‎08-30-2023 11:50 PM

Thanks for all for the answers, did not reply because I was not able to login to the forum, got 401.

Yesterday we had been able to fix it, the problem was not the firewall, but a custom Home Folder set in Active Directory. Because of this, the ssh directory was not seen by git and so no key could be sent on the request. Removing it from the active directory and rebooting the pc solved the problem.

View solution in original post

456
4 REPLIES 4
pminarik
Staff
Staff

Created on ‎08-29-2023 03:18 AM

Does the relevant firewall policy have deep-inspection applied (cert- or full-)? If yes, check if it has "SSH deep scan" enabled. If yes, try disabling it.

[ corrections always welcome ]
524
0 Kudos
Mrinmoy
Staff
Staff

Created on ‎08-29-2023 08:48 PM

Please check this KB article and try to identify why the firewall is blocking the traffic. Specially debug flow.

 

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-First-steps-to-troubleshoot-connecti...

Mrinmoy Purkayastha
486
0 Kudos
Emaborsa
New Contributor

Created on ‎08-30-2023 11:50 PM

Thanks for all for the answers, did not reply because I was not able to login to the forum, got 401.

Yesterday we had been able to fix it, the problem was not the firewall, but a custom Home Folder set in Active Directory. Because of this, the ssh directory was not seen by git and so no key could be sent on the request. Removing it from the active directory and rebooting the pc solved the problem.

457
Mrinmoy
Staff
Staff

Created on ‎08-31-2023 05:09 AM

Great!!

Mrinmoy Purkayastha
445
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.