Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
raminda
New Contributor

Created on ‎05-18-2023 09:34 AM Edited on ‎05-18-2023 09:36 AM

Action Accept: session close | Security Action Blocked

Hi,

 

Recently we installed fortigate 200F with 7.0.11 OS. We are using one policy to allow Google Workspace access and randomly users need to refresh the browser to send emails. It says "Message could not be send check your network and try again". when incident happen log shows as below and once refresh the browser same user allow to send email without any issue. I'm using web filter & application control

 

Can anyone suggest a solution.

 

 

Screenshot 2023-05-18 213008.jpg

Labels:
4488
0 Kudos
6 REPLIES 6
distillednetwork
Contributor III

Created on ‎05-18-2023 09:57 AM

What does the Result column of the log tell you?

4481
0 Kudos
raminda
New Contributor
In response to distillednetwork

Created on ‎05-18-2023 10:09 AM

It says : Deny: UTM Blocked

4478
0 Kudos
distillednetwork
Contributor III
In response to raminda

Created on ‎05-18-2023 11:05 AM

If you have fortianalyzer take a look at the log in there, but my guess is it's a certificate inspection issue.  

 

If not, you can try to check the SSL logs by searching for the Source and Destination IP addresses in Log & Report > SSL 

4462
raminda
New Contributor
In response to distillednetwork

Created on ‎05-18-2023 09:48 PM

Thanks for the reply, I'll check

4440
0 Kudos
kgeorge
Staff
Staff

Created on ‎05-19-2023 01:01 AM

Hello Raminda,

 

Can you let us know the configuration you have done to allow Google WorkSpace?

Have you tried with firewall Policy without any Security Profiles?

 

The Action with Accept:session close determines that, there is no seamless communication between Client and Server. Mainly, due to the session being idle and FortiGate will terminate TCP session and result is "session close"

 

This is mostly not be related to FortiGate issue however, any intermediatory or upstream devices.

 

It could be due to temporary outage with Google or Unstable internet connectivity.

If you are still facing the issue, just bypass FortiGate and check once from the same device.

 

Regards,

Klint George

Regards,
Klint George
4430
0 Kudos
Christian_89
Contributor III

Created on ‎05-19-2023 01:29 AM

The issue you're experiencing with FortiGate and Google Workspace access could be related to the web filter or application control settings. Here are a few troubleshooting steps you can try to resolve the problem:

1. Verify Web Filter Settings: Check your web filter settings to ensure that they are not blocking any necessary components or services used by Google Workspace. Make sure that the appropriate categories and domains are allowed for smooth access.

2. Adjust Application Control Settings: Review your application control settings and ensure that they are not interfering with the functionality of Google Workspace. If necessary, you can create specific application control policies to allow all the required Google Workspace applications and services.

3. Update FortiGate Firmware: Verify if there are any available firmware updates for your FortiGate device. Keeping your firmware up to date can often resolve compatibility issues and improve overall performance.

4. Check Security Profiles: Review your security profiles, such as antivirus and intrusion prevention, to ensure they are not blocking any necessary traffic related to Google Workspace. You may need to adjust the settings or create specific exceptions for Google Workspace-related traffic.

5. Monitor Logs: Continuously monitor the logs on your FortiGate device to identify any specific patterns or events that occur when users encounter the issue. This information can help pinpoint the cause of the problem and guide your troubleshooting efforts.

4429
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.