I am pretty new to Fortinet Firewall and we have Fortigate v6.0.10 build5455 (GA).
I am trying to reach a website from LAN behind Firewall and it says Site Can't be reached connection reset.
This is happening just for one particular site and we can reach the same site without Firewall in picture.
Here are some of the things I tried
-Tried changing settings on browser, different browser , installing certificates etc but
-I created a policy where no security profiles are applied but am seeing the same result.
-On logs I could see Firewall is allowing the traffic but firewall cannot reach that site for some reason.
-I tried to do packet capture on workstation and I could see retransmissions occurring.
-I saw one of the forums where they set the mss size but that also didn't help.
-When I do traceroute from the firewall, I could it tries for 32 hops and could not get any result whereas if I try another website like facebook it could reach it.
-We tried to change the DNS settings on Firewall but did not help.
I am wondering why Firewall could not reach that particular site. Any inputs will be helpful. Thanks in advance.
In general, the problem may happens for failing on DNS lookup . DNS is that network address that translates the website name to its internet address. Most often it causes for not getting the internet connection or misconfigured internet or network settings. Another reason could be the firewall preventing Google Chrome to load the webpage. In most cases Flush Your DNS Cache is solve this problem:
sudo killall -HUP mDNSResponder
Once the command is executed, OSX will prompt for the administrator password as confirmation to proceed. Also, here are some other possible solutions for This Site Can’t Be Reached, these solutions will try to minimize or remove the error completely and takes you to your desired website in your Chrome browser.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.