Web Filter blocking site, even though set to Allow
FortiGate 50E, v6.2.9 build1234 (GA)[/ul]
Web Filter is blocking random sites,
even though set to Allow every category.
I'm testing with sourceforge.net
After turning on SSL Inspection, certificate was added to browser and OS.
With Web Filter OFF & SSL Deep Inspection ON, I can access sourceforge.
With Web Filter ON & SSL Deep Inspection ON, I cannot access sourceforge, browser complains "connection reset" (and cannot access other random sites), yet most other sites remain available.
Web Filter has been set to Allow every category & uncatagorized.
(Same behavior using "Monitor-all" filter)[/ul]
wget / Web Filter OFF - sourceforge.net - success
wget sourceforge.net --2021-10-06 15:45:30-- http://sourceforge.net/ Resolving sourceforge.net (sourceforge.net)... 18.104.22.168 Connecting to sourceforge.net (sourceforge.net)|22.214.171.124|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://sourceforge.net/ [following] --2021-10-06 15:45:30-- https://sourceforge.net/ Connecting to sourceforge.net (sourceforge.net)|126.96.36.199|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 151676 (148K) [text/html] Saving to: ‘index.html.2’
wget / Web Filter ON (set to Allow everything) - sourceforge.net - failure
wget sourceforge.net URL transformed to HTTPS due to an HSTS policy --2021-10-06 16:01:54-- https://sourceforge.net/ Resolving sourceforge.net (sourceforge.net)... 188.8.131.52 Connecting to sourceforge.net (sourceforge.net)|184.108.40.206|:443... connected. GnuTLS: Error in the pull function. Unable to establish SSL connection.
Why can't wget (or browsers) establish an SSL connection for random sites with Web Filter ON?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.