when configured captive portal some sites didn't work with error :
err1 - ERR_QUIC_PROTOCOL_ERROR
err2 - ERR_SSL_VERSION_OR_CIPHER_MISMATCH
like : YouTube , google , LinkedIn and google search
else some sites works normally and redirect to captive portal AUTH page .
when I remove or authenticate all sites works normally
I try it with (chrome , brave and IE browsers)
(version 7.0.9 VM)
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
Can you please try disabling QUIC in Chrome and block QUIC on the FortiGate?
BR,
Manosh
hello Manosh
i do it with no hope still err and all sites didn't response
ERR_CONNECTION_TIMED_OUT
and i configured it with 3 way and still issue exist
Hi There,
I am also facing the same error while captive portal is enabled.
Please find attached snapshot more information.
Can someone please reply what should be done?
Regards,
Ravi
Hello MahmoudH93 and rvchande2,
The errors "err_quic_protocol_error" and "err_ssl_version_or_cipher_mismatch" you are encountering when accessing certain sites like YouTube, Google, LinkedIn, and Google Search while the captive portal is configured indicate issues with the SSL/TLS handshake between the client and the server. Here are some steps to troubleshoot this issue:
1. **Check SSL/TLS Settings**: Ensure that the SSL/TLS settings on the captive portal are correctly configured to support the required protocols and ciphers for these websites.
2. **Certificate Validation**: Verify that the SSL certificate used by the captive portal is valid and trusted by the client browsers.
3. **Browser Settings**: Check if there are any browser-specific settings causing the SSL errors. Clearing browser cache and cookies might help.
4. **Network Configuration**: Ensure that there are no network issues affecting SSL/TLS connections to these sites. Check for any firewall rules blocking specific protocols or ports.
5. **Update Browsers**: Make sure your browsers are up to date to support the latest SSL/TLS protocols and ciphers.
6. **Test with Different Devices**: Try accessing the sites from different devices to see if the issue is specific to a particular device.
Please refer to the below document for more information:
If you have found a solution, please like and accept it to make it easily accessible to others.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.