Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
m_raza
New Contributor

fgt replacement message not working

We are using Fortigate 200d UTM, from few days back we are facing some issues regarding replacement messages, usually on user end when any web page gets block it shows my created replacement message with multiple details and reason such as client ip, server ip, user name, group name and category but now from few days all user getting only one message that "your connection is not private: or "There is a problem connecting securely to this website"

can any one please help me on this issue

 

 

4 REPLIES 4
EMES
Contributor

It sounds like you have some type of SSL/SSH Profile enabled on your policies. If you have certificate inspection then they are visiting an SSL site that is blocked and the certificate your Fortigate is using to display this page is not trusted by your users. By not trusted I mean that the certificate is not their windows "Trusted Root Certification Authorities Store"

m_raza
New Contributor

Yes you were right, i am getting replacement message on HTTP sites but not in HTTPS site.

 

i again regenerated certificate from domain controller certificate authority and import it on fortigate and install this same certificate  on my pc but haven't receive replacement message on HTTPS sites 

hmtay_FTNT

Did you install it under the Trusted Root CA list? Do you have a screenshot or can you show me the configuration? You can open a ticket with the TAC to get them to remotely connect to your network to help you out.

 

HoMing

hmtay_FTNT
Staff
Staff

One way to test if your case is as Eugene mentioned is to go to a HTTP website that is prohibited by the Web Filter and see if the replacement message shows up. If it does, then your settings are correct and the problem is with the SSL Certificate as mentioned.

Labels
Top Kudoed Authors