
SSL inspection leads me to madness ...

Hello, are you experiencing a problem with detecting and viewing Cloud Apps in version 5.6.x (specifically 5.6.2)? We have deep SSL inspection set up, the Fortinet_CA_SSL certificate imported to all PCs, and an application control set (all applications monitoring). I tried lots of cloud applications (FB, Twitter, Dropbox, Instagram, Office365, Gmail and others). I then looked into FortiView -> Cloud App and there were only GoogleSearch and Dropbox, and instead of the email address in the CloudUser section there is only an IP address. What is wrong? On another box (v5.4.6) it looks fine (a few applications are also not displayed, but not as many as on 5.6.2).

 edit "__upg_deep-inspection"
        set comment "Deep inspection."
        config ssl
            set inspect-all deep-inspection
            set allow-invalid-server-cert enable
        config https
        config ftps
        config imaps
        config pop3s
        config smtps
        config ssh
            set ports 22
            set status disable
        config ssl-exempt
            edit 1
                set type address
                set address "xxxxx"
            edit 2
                set type address
                set address "xxxxx"
            edit 3
                set type address
                set address "xxxxx"
            edit 4
                set fortiguard-category 31
        set caname "Fortinet_CA_SSLProxy"
        set ssl-exemptions-log enable

edit 35
        set uuid 1c7893e4-c8a0-51e7-66bc-7337d7a0d788
        set srcintf "ssl.root"
        set dstintf "wan1"
        set srcaddr "xxxxxL_range"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set utm-status enable
        set logtraffic all
        set users "xxxxx"
        set tcp-mss-sender 1354
        set tcp-mss-receiver 1354
        set comments "Clone of 32"
        set av-profile "default"
        set webfilter-profile "VPN"
        set ips-sensor "protect_client"
        set application-list "TEST"
        set profile-protocol-options "default"
        set ssl-ssh-profile "__upg_deep-inspection"
        set nat enable


Thanks, Jirka


Did you find any resolution?




No. I will wait a few days to see if someone kicks me an idea. If not, I will create a ticket with support. Jirka


It sounds like a bug to me. I would report it to Fortinet TAC.



All day I have been communicating intensively with TAC about this problem. They have now told me that if the FGT does not have a hard disk or disk logging is disabled, FortiView for Cloud App will not work... Whaaaat? We have logging to FortiAnalyzer all the time and everything worked in version 5.4.6. If that's true, how can it be that Google and Dropbox show up? Your opinion, please. Thanks, Jirka