FGT Images not appear on replacement message

rzahraoui · ‎02-04-2015

Hi, Fortigate Images not appear on the blocked pages, even we can see them correctly stocked on the UTM and visible when we personalize the display. I join on the ticket capture of what i described above. Thanks for your Help. Regards,

TheJaeene · ‎02-04-2015

Hi!

In some configurations the Client loads the Images from the Fortigate using different ports than Port 80 (8008 e.g)

Check the HTML Sourcecode of the Error Page for such Ports and check if any FW Policies are blocking it.

You can also embed small Images as Base64 encoded in the Replacement Message HTML Sourcecode to get around that.

For example: http://www.base64-image.de/

Regards,

Jan

rzahraoui · ‎02-04-2015

Hi,

Jan, Thanks for your help.

I checked the code, and don't why the images point to the url sollicited and not the FGT adress. you can see a capture in attachment.

Regards,

TheJaeene · ‎02-04-2015

Hi rzahraoui.

Fortunately this behaviour (URL) is correct since the Webfilter seems to be in Proxy Mode.

I still assume that the Port 8010 on the FGT is not reachable from the Client.

To dig a bit further try to diag sniffer if the Client Request to that Port is arriving at the Fortigates Interface.

Do you have any local-in policy set or a Portforward VIP using Port 8010 ?!

Regards,

Jan

TheJaeene · ‎02-04-2015

Also check this one, if you hardened your Fortigate for meeting PCI Compliance:

http://kb.fortinet.com/kb....do?externalID=FD33190

rzahraoui · ‎02-05-2015

Hi Again

When i check logs, i see that the client tried to upload images from extarnal sites, not from the FGT

I confirm that the webfilter profil is on the proxy mode.

Capture in attachment.

Rafael_Rosseto · ‎12-29-2016

Have you solve this?

Jirka1 · ‎11-14-2017

Hi guys,

now I am dealing with the same problem. Only with the difference that the images are not loaded only when the client is connected from FortiClient (using SSL). On an internal LAN, it all works. The source code of the page have a strange url:

iv.header {
background: url(http://url.fortinet.net:8/XX/YY/ZZ/CI/MGPGHGPGPFGHCDPFGGOGFGEH) 0 0 repeat-x;
height: 82px;
}
div.header h1 {
background: url(http://url.fortinet.net:8/XX/YY/ZZ/CI/MGPGHGPGPFGHCDPFGGHGFHBGCHEGPFHHGG) 0 0 no-repeat;
}
div.header h2 {
background: url(http://url.fortinet.net:8/XX/YY/ZZ/CI/MGPGHGPGPFGHCDPFGGOGFGEH) 0 -82px no-repeat;

I tried resetting the message to defaults and the same result. Any idea? FGT100D, 5.6.2 Thanks, Jirka

KordiaRG · ‎11-27-2017

I'm getting the same as Jirka. The default page had image urls pointing to http://url.fortinet.net:8008/xxx but now I customised it, the URL is http://url.fortinet.net:8/xxx which is broken. I've tried restoring the default and still getting the :8 port which fails with a timeout. I've tried permitting these ports in the policy but no change. If I copy the :8 URL to another browser window and change to :8008 it works and I get the image I expect.

FG300D - 5.4.5.

Jirka1 · ‎11-28-2017

Hello KordiaRG, i made a ticket and TAC told me that is a bug and will be fixed on 5.6.3. (ETA: end of this month). Jirka