Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
FNT_Learner
New Contributor III

fortiweb offline protection mode cannot inspect https traffic

Hi guys,

I have a problem with my FortiWeb 400E. it is deployed temporary in offline protection mode for some tests. it receives https traffic from a span port. I also imported my webserver certificate and add it in a server pool profile. I ran some simple attacks on https port of my webservice but FortiWeb can not scan or inspect https traffic or generate log to indicate https traffic inspected. I'm sure the certificate is imported correctly and the server pool profile is assigned in the appropriate policy. 

Is there anyone who have any idea about why FortiWeb doesn't inspect https traffic even the associated Certificate is added to it. Please tell me.

3 REPLIES 3
Jean-Philippe_P
Moderator
Moderator

Hello FNT_Learner, 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

Jean-Philippe - Fortinet Community Team
Jean-Philippe_P
Moderator
Moderator

Hello,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

 

 

Thanks,

Jean-Philippe - Fortinet Community Team
AEK
Honored Contributor II

Hello

Actually I didn't try this mode but just in case you are using TLS 1.3 know that it is not supported in this mode. Many other features are also not supported that may have caused your issue. Please check below link if it can help.

https://docs.fortinet.com/document/fortiweb/7.4.2/administration-guide/211763/planning-the-network-t...

 

Edit: Additionally in version 7.0.x, TLS 1.0 to 1.2 is supported but with limitations.

https://docs.fortinet.com/document/fortiweb/7.0.10/administration-guide/211763#planning_topology_314...

AEK
AEK
Labels
Top Kudoed Authors