Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ssl vpn portal bookmarks not working
Hi,
we have a ssl portal site configured in our fortigate 200B. Users can connect to
the portal site and login without any problem. On the portal we have some bookmarks,
just some internal http-sites for our staff. But those bookmarks do not work. If
somebody clicks on the bookmarks a new window is opened but it' s empty.
On the fortigate a warning (ID 39937) is logged. Message states " SSL web application blocked" .
Why is the fortigate blocking the portal bookmarks?
There is no UTM configured on the ssl_vpn_address rulesets.
Can anybody give me a clue where to allow the portal bookmarks?
thanks in advance
iho
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
When you configured the portal, did you allow HTTP in the config area (small pencil on the top right border)?
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Bob - self proclaimed posting junkie!See my Fortigate related scripts
at: http://fortigate.camerabob.com
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
thanks for your reply rwpatterson but http is allowed in the config area.
But i also created a ticket and support found the solution.
We also use ssl in tunnel mode. So I created a rule which allows traffic from the
internet to our servers and as action i choose ssl-vpn. So far so good. The wrong
part was, that i configured only the ssl-vpn-tunnel ips as source address and so
only clients connected via the ssl-tunnel were able to contact servers in our network.
The portal was blocked, because the portal connects with the ip the client has in the
remote network. So the solution is to use " all" as source address and everything is
working like a charm :-)
Perhaps someone makes the same mistake and finds this info useful.
best regards
ingo hoffmann
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I also had some issue when trying to log in to a web server through SSL VPN Bookmark. In the Bookmark, I entered "fr.slcc.com:81" as the URL. Hence when I click the Bookmark, it will redirect to the "fr.slcc.com:81" website without the SSL VPN URL Prifix (https://vpn.stc.com/proxy/76ce8cbc/https/) Then I figured out this happens because the request ends with the the port number and because of that the browser redirect the traffic through normal internaet parth. Then I add login to the request to be like this "https://vpn.stc.com/proxy/76ce8cbc/https/fr.slcc.com:81/#/login". Now it's working fine.