PR_CONNECT_RESET_ERROR web surfing after #FG500E sw upgrade
Hello,
I have two FG 500E in HA configuration.
I just did a sw upgrade on them which seems to have been completed successfully.
The previous version was 7.4.2 and the current is 7.4.5 build 2702.
Now I cannot access most websites because I get the error: PR_CONNECT_RESET_ERROR.
The network is working and by excluding the fortigate from the path I can regain the access to the websites.
Many thanks for any help.
Labels: FortiGate
Hello,
Thank you for the details provided. The error PR_CONNECT_RESET_ERROR typically indicates that connections are being reset, which can happen if SSL inspection or certificate handling has changed after the upgrade.
Here are a few steps to troubleshoot:
- SSL/Deep Packet Inspection:
  - Check if SSL deep inspection is enabled on the firewall policies. Sometimes after an upgrade, SSL inspection profiles might change or require reconfiguration.
  - If SSL inspection is enabled, try switching to certificate inspection temporarily and see if the issue resolves.
- Certificates:
  - Ensure that the FortiGate's CA certificate is trusted by the client browsers. If not, try re-importing the CA certificate into the clients' trusted certificate store.
- Review Logs:
  - Review the logs on the FortiGate for any blocked sessions or reset connections. This will give insights into whether any policies are dropping or resetting the traffic.
- AV/IPS Profiles:
  - Check if there are any security profiles (AV, IPS) that might be causing traffic to be reset post-upgrade. You can disable these temporarily to isolate the issue.
If the problem persists, please call us at the support line and create a ticket at http://www.fortinet.com/support/contact_support.html (select your country from the link to see the regional support number) if you require immediate assistance, and quote this ticket number or update this ticket.
Thanks,
Thank you Raghuram for your quick answer,
about SSL/Deep Packet Inspection:
I switched to simple certificate inspection, but nothing changes;
about certificates:
I'm not sure, my fortigates hold a long list of valid certificates. Strangely, the web interface seems to use a self-signed certificate. However, we cannot install a certificate in each client browser because we have too many users and browsers.
Before the update, the above described problem did not exist.
about review logs:
In the Traffic domain, Log & Report, Security Events, SSL, there are a lot of entries with action "blocked". No log entries regarding antivirus or intrusion prevention.
These FG500E make a virtual wire pair, so I can easily exclude them from the network path, but each test requires two network outages with no web browsing in between until a solution is found.
Can you suggest something else to try?
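
An added example, not part of any post in this thread: a small Python triage script for the log-review step and the SSL "blocked" entries described above, grouping blocked SSL events by hostname and by message so the affected sites and the blocking reason stand out. The sample lines are constructed, and the key=value layout and the field names (`subtype`, `action`, `hostname`, `msg`) are assumptions about how the logs were exported.

```python
import re
from collections import Counter

# Constructed sample lines in a key=value log style (not taken from the thread).
# Field names and message texts are assumptions for illustration.
SAMPLE_LOG = '''\
date=2024-10-01 time=09:00:01 type="utm" subtype="ssl" action="blocked" srcip=10.0.0.5 hostname="www.example.com" msg="Server certificate blocked"
date=2024-10-01 time=09:00:04 type="utm" subtype="ssl" action="blocked" srcip=10.0.0.9 hostname="www.example.com" msg="Server certificate blocked"
date=2024-10-01 time=09:00:07 type="utm" subtype="ssl" action="blocked" srcip=10.0.0.5 hostname="login.example.org" msg="SSL connection is blocked"
date=2024-10-01 time=09:00:09 type="utm" subtype="ssl" action="blocked" srcip=10.0.0.7 msg="SSL connection is blocked"
date=2024-10-01 time=09:00:11 type="utm" subtype="ssl" action="exempt" srcip=10.0.0.7 hostname="bank.example.net" msg="SSL connection is exempted"
date=2024-10-01 time=09:00:15 type="utm" subtype="webfilter" action="blocked" srcip=10.0.0.5 hostname="ads.example.com" msg="URL belongs to a denied category"
'''

# key=value pairs; a value is either a double-quoted string or a bare token.
PAIR_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def parse_line(line):
    """Return a dict of key -> value with surrounding quotes removed."""
    fields = {}
    for key, value in PAIR_RE.findall(line):
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = value[1:-1]
        fields[key] = value
    return fields


def summarize_ssl_blocks(text):
    """Count blocked SSL events per hostname and per message."""
    by_host, by_msg = Counter(), Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec.get("subtype") != "ssl" or rec.get("action") != "blocked":
            continue  # ignore other subtypes and non-blocking SSL events
        # Some events carry no hostname (for example when no SNI was logged).
        by_host[rec.get("hostname", "<no hostname>")] += 1
        by_msg[rec.get("msg", "<no msg>")] += 1
    return by_host, by_msg


if __name__ == "__main__":
    hosts, msgs = summarize_ssl_blocks(SAMPLE_LOG)
    for name, count in hosts.most_common():
        print(f"{count:4d}  {name}")
    for text, count in msgs.most_common():
        print(f"{count:4d}  {text}")
```
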
For anyone who might find this result useful: after a few days of working to fix the problem, we found that in the security profiles, SSL/SSH inspection, our-profile, by disabling the SNI server certificate, web browsing became normal.
Hello, do you know why? I'm having the same issue on one of my 7 firewalls. But only on one. Disabling SNI solves the issue as well...
