Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
balbasorus
New Contributor

SSL traffic inspection best practices

Hi

I am a bit confused, I would like to add some ssl traffic inspection but for waf/ips, but I am not sure where/what's the best approach.

I have a mix of Virtual server and Virutal IP. Should I use the Virtual server SSL Offloading configuration or using the SSL/SSH security profiles configured as "Protecting SSL Server" with certifcate and added to the ingress firewall rules sufficient?

Also what about the same VIP/VirtualServer have mutiple domain hosted behind (abc.com, exmaple.com, bbb.com) how can all ssl traffic be inspected ?

Thanx all !

https://9apps.ooo/
1 REPLY 1
SimranRana
Staff
Staff

Please refer to the following article for configuring Inbound SSL inspection for internal server hosted behind firewall:

Configuring Inbound SSL Deep Inspection - Fortinet Community

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors