Hello Bill, You can make a URL filter with " *.google.com" and use this
for HTTPS web URL filtering. That will however block all SSL sites that
have this CN. GMAIL is using CN=mail.google.com and the login page
CN=www.google.com, so this service shou...
You can make HTTPS WEB filtering, either by looking at the CN (see the
field " Issue To --> Common Name" in the site certificate, which will
need to be in an appropriate URL filtering list), or making deep scan on
SSL traffic. You will find more in t...
Hi l3giona1re, Can you try the following, binding the phase1 interface
to wan1 : config vpn ipsec phase1-interface edit " phase_1" set
interface " wan1" <------ physical interface set local-gw 90.10.1.1
<---- loopback address to be used set remote-gw...
Hi Roman, As you said, a Fortigate physical interface does not tag
packets , tagging only occurs on VLAN interfaces. The important is that
the remote interface has also a " native vlan" , so does not tag the
frames destined to the physical interface'...