Hello,
Does anyone have configured ssl offloading on the fortigate? I have used the 'cookbook' but it doesn't explain too well how to configure half mode ssl server configuration.
I need to decrypt incoming https and forward this unencrypted to backend http server.
What I configured:
conf firewall policy
set dstaddr "vip-to-webserver" => 157.52.x.x to 172.16.16.15
set service https
set webcache enable
set webcache-https ssl-server
and:
config wanopt ssl-server
edit webserver1
set ip 172.16.16.15
set port 443
set ssl-mode half
set mapped-port 80
set ssl-cert <webserver certificate>
Please advise.
Thank you in advance,
Kind regards,
Ralph
Solved! Go to Solution.
You already have it working, but in case you want to read this:
Okay this works :)
The customers' web server didn't reply to http requests on port 80 and therefore it didn't work in the first place.
Thanks,
Ralph
You already have it working, but in case you want to read this:
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.