[ul]
FortiGate 50E, v6.2.9 build1234 (GA)[/ul]Web Filter is blocking random sites,
even though set to Allow every category.
I'm testing with sourceforge.net
[ul]After turning on SSL Inspection, certificate was added to browser and OS.With Web Filter OFF & SSL Deep Inspection ON, I can access sourceforge.With Web Filter ON & SSL Deep Inspection ON, I cannot access sourceforge, browser complains "connection reset" (and cannot access other random sites), yet most other sites remain available.Web Filter has been set to Allow every category & uncatagorized.(Same behavior using "Monitor-all" filter)[/ul]wget / Web Filter OFF - sourceforge.net - success
wget sourceforge.net
--2021-10-06 15:45:30-- http://sourceforge.net/
Resolving sourceforge.net (sourceforge.net)... 204.68.111.105
Connecting to sourceforge.net (sourceforge.net)|204.68.111.105|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://sourceforge.net/ [following]
--2021-10-06 15:45:30-- https://sourceforge.net/
Connecting to sourceforge.net (sourceforge.net)|204.68.111.105|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 151676 (148K) [text/html]
Saving to: ‘index.html.2’
wget / Web Filter ON (set to Allow everything) - sourceforge.net - failure
wget sourceforge.net
URL transformed to HTTPS due to an HSTS policy
--2021-10-06 16:01:54-- https://sourceforge.net/
Resolving sourceforge.net (sourceforge.net)... 204.68.111.105
Connecting to sourceforge.net (sourceforge.net)|204.68.111.105|:443... connected.
GnuTLS: Error in the pull function.
Unable to establish SSL connection.
Why can't wget (or browsers) establish an SSL connection for random sites with Web Filter ON?
Any ideas?
What should I try next?
