Hello, During web application vulnerability testing, including PCI DSS
scans, it is necessary to disable the WAF (or whitelist the sources) in
order for the test to proceed without interference. This is industry
standard practice, and is also a requi...
Hello, SummaryThis post is a request for the support of the community.
If you think moving the explicit proxy sign in page to HTTPS (currently
it's only on HTTP) would be beneficial please contact your account
manager and add your support to NFR 0467...
Hello, Seems support misunderstood my message and you can whitelist
sources: # config waf profile (profile) # edit test <<< instead of test
place the profile name new entry 'test' added (test) # config
address-list (address-list) # set status enable ...
Just to make folk aware, this NFR has not been progressed still.
Apparently there's no desire for it. I can't believe we're the only
people with the problem, so if this also affects you please get in
touch.
marco_d wrote:So what happen was that after the upgrade from 5.4.9 to
5.6.5 the web filtering port changed from 53 to 8888. We also
experienced this and reported it to Fortinet as a bug, which was
acknowledged. I requested it be included in the relea...
Hi Willcutaflip, I've configured our SSL deep inspection. When browsing
to a site with a problem certificate the Fortigate will use a
certificate your clients should not trust, notably the one called
Fortinet_CA_Untrusted (see System > Certificates)....
Hi Mfahey, I completely agree there's functionality missing, I'm just
hoping there's some traction on my NFR. Thanks for the tip of Securly,
I'll give that a look. Jonathan
