Is it possible for the Public IP of FortiGate?
I have configured DDNS for my FortiGate but if I access that FortiGate using a public IP it gives me a "Not Secure" warning.
And that XXX.fortiddns.com working fine without a warning
Does anyone have an idea on this please share the steps to be performed
I want to remove that warning for that public IP #fortigate
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello
So as per your query whenever you take access from DDNS URl it works fine and when you take access with ip address it shows error.
So once ddns provides ip address to clinet it does ssl handshake inside client hello there will be ddns url in SNI field.
When firewall receives this packet it matches common name with certificate.
If common name and SNI field matches it presents certificate which is configured in administraticve settings in clients.
When you access with IP address it checks common name and SAN if it not matches it shows warning.
https://www.youtube.com/watch?v=gMWEH32L4aE
Please refer this video to mitigate this issue
Thanks & Regards
Mayank Sharma
Hi @Mehulp,
It depends on the certificate you are using for FortiGate HTTPS access. I believe the certificate CN only matches your DDNS but doesn't match the IP address.
Regards,
Hello Mehul it depends how you are taking access. If you are taking access with IP address inside SNI there will be a IP address.
So if common name inside certificate is different that that IP address it shows not secure on browser.
Thanks & Regards
Mayank Sharma
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.