Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Holy
Contributor

Web Accsess Problem IBE

Hello,

 

currently i do a FortiMail Self study in a lab environment. i use a FortiMail Gateway behind a Sophos VM 9.306 Firewall.

 

everything is all right but, i created a DNAT Rule for the IBE Encrypted Portal Accsess. like Wan:8443 > FortimailGateway:8443

 

i can send encrypted Messages out and if i klick that Registretion Link on the reciped mail i get accsess to the web portal and can register myself. Like Chossing a password, Secret questions and so on.

 

But if after that i Enter my password to see the encrypted mail it tries to load the Webpage but no succsess.

 

It just loading and loading and loading all the time.  

 

On the Sophos Firewall live log i see all the Dnats coming in without problem and nothing gets blocked.

 

Any Idea what could be a problem? is maybe something wrong with the Sophos firewall... but i mean it´s just DNAT.

 

i actualy had a strange behaivor on Sophos firewall activating DNAT for Exchange OWA. the connection was incredibly slow... like realy realy slow. i didn´t find out what was the problem. Trieng it out with a FortigateVM the OWA Connection was fast as usual.

 

So did someone had similar expirinces ?

 

Thank you.

NSE 8 

NSE 1 - 7

 

NSE 8 NSE 1 - 7
5 REPLIES 5
Bromont_FTNT
Staff
Staff

Any difference if you use push or pull?

Holy

no difference if push or pull.

 

Of course i do use correct Admin Ports. Otherwise i wouldn´t be able to Register a new IBE user. 

 

as i said the strange thing is. He does allow me to register, and i see the window where i have to put my password to see encrypted file. but when i try to accsess it´s loading all the time. without sucsess.

 

Firewall show´s only dnat happening and no blocks or errors. 

 

i will try it tomorrow with a FortiGate VM. could realy be a Sophos problem, if it´s true its realy weird.

 

Bromont wrote:

Any difference if you use push or pull?

NSE 8 

NSE 1 - 7

 

NSE 8 NSE 1 - 7
abelio
SuperUser
SuperUser

 

hello,

Holy wrote:

 

everything is all right but, i created a DNAT Rule for the IBE Encrypted Portal Accsess. like Wan:8443 > FortimailGateway:8443

 

what about administrative ports on your Fortimail? Did you also adjust it for 8443 ?

 

System->Configuration->Options->Administrative Ports

 

 

regards




/ Abel

regards / Abel
Holy

Update:

 

So it´s definitly a Sophos Problem. i tried it out with Fortigate VM and everything was ok.

 

then i tried to DNAT From Sophos to my FTP Server and guess what. i can connect to my FTP Server , but if i try do download something he do download with a speed of 16kb/s ....

 

i will open a ticket to Sophos.

 

NSE 8 

NSE 1 - 7

 

NSE 8 NSE 1 - 7
Holy

UPDATE: Problem solved. The Problem was, that ESXi Chosses "Flexible" for Network Adapter by Default. you Should Choose "E1000"  Everything allright, i am happy now 

NSE 8 

NSE 1 - 7

 

NSE 8 NSE 1 - 7
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors