I am having a weird problem with a testing FAC instance. It's a VM with private IP 192.168.1.109. It's in a isolated environment and I am using a jumpbox machine 192.168.1.100 to access it. The issue is if I access it by https://192.168.1.109/ , it's fast ( will show me a certificate warning as expected ); if I access it by https://fac.mydomain.local/ ( no certificate warning because the certificate is generated by a Windows CA and the root CA is trusted on the jumpbox), it's very slow. The VM is configured as Host Name: "fac", Device FQDN: "fac.mydomain.local" .
fac.mydomain.local is added into Windows hosts file map to 192.168.1.109.
Chrome Browser dev tool shows lots of requests took 5S~10S to load :
same "dashboard/" request only take 200ms if I use IP to access it. I can refresh the UI and got same result.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
actually it's not Chrome trying to validate certificate. further traffic capture showed there is a http request sent to trendmicro.
So the machine has trendmicro client installed and when browser access a site by name, it will try to call home to do url/domain filtering.
I guess the lesson is if Internet is blocked, weird things will happen :(
OK I think I know why this is happening now. The jumpbox machine doesn't have Internet access.
When FAC is accessed by IP, I had to accept the certificate warning and Chrome probably won't do further checking; when accessed by Hostname, although the certificate is trusted, Chrome still want to check if the certificate is not revoked from some some online services, and it take long time for the checking to fail since Internet connection will time out from this machine.
wireshark capture many requests to many 142.250.190.xx IP with long duration, they belong to Google.
actually it's not Chrome trying to validate certificate. further traffic capture showed there is a http request sent to trendmicro.
So the machine has trendmicro client installed and when browser access a site by name, it will try to call home to do url/domain filtering.
I guess the lesson is if Internet is blocked, weird things will happen :(
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.