Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
dstockwell
New Contributor

web registration of software not working for AFD postcode

Hi,

 

I am trying to register this software using a standard web registration page that has not been working through our Fortinet filtering/firewall since we had it setup back in March of this year. The software is AFD postcode and the registration process works fine on a Mobil 4g connection. This registration process is a simple web page with a couple of account number/serial number forms that then sends back a client specific code to activate the license.

 

I am going to contact the vendor as well to see if they can help but I suspect the issues is rooted In Fortinet. Any thoughts of where to check or look would be greatly appreciated.

 

The frustrating thing is we have a limited pool of 20 licenses and every time we attempt this process it does allocate one of the licenses but we don’t get the activation back successfully.

 

http://www.afd.co.uk/support/registrations/

 

I fill in this form and hit “register now” and then get a fairly standard browser error/no response.

 

 https://drive.google.com/file/d/1XFfcuk92jige5mrKIZ9JwbID63NbCqU6/view

 

We have noticed that the response page is from a different url/subdomain and this does also have a different public IP address.

  

I have been digging through our firewall logs and can’t see any particular block/application rejection.

 

 https://drive.google.com/open?id=1eBcn-PDRT-jYopPWoidZHjhzbmF45Irr

 

 any thoughts/ logging ot chek greatly appreacieated

 

Dan Stockwell

Desktop & Systems engineer

Crawley College

2 REPLIES 2
dstockwell
New Contributor

Hi

 

i have been testing this again today. when I had a test machine on a public ip address bypassing fortinet the process worked.

 

we have a test policy on fortinet that i worked through disabling the web filtering, then application filtering then IPS. finally I disabled the anti virus policy and this proved to be the key and the registration process worked.

 

so it the long url passing with a TEXTSEARCH type and several codes of our activation etc that is being blocked. though i cant see it hit an event in the AV logs...

 

Im now going to speak to the boss and decide the best way forward. it does not look like there is any mechanism to disable html av filtering on a single domain? so i think we will have to set up a policy to be just monitor the AV traffic that is only used by the administrator that will be installing this software.

 

kind regards

 

Daniel Stockwell

 

Dave_Hall
Honored Contributor

Generally, there may be a couple ways to get around this type of problem.  From the second screenshot it looks like there are two similar domains (register.afd.co.uk and www.afd.co.uk).  You could setup URL filter rules that exempts (or allow) these two domains in the web filter that is applied to general web traffic.  If you want to narrow or target those two sites only, you would need to use them as the target destination in setting up a new firewall rule, applying whatever UTM features, etc.

 

If you are using one computer to make the registrations, you may just want to isolate and put that computer(s) into a group with a different set of "less restrictive" UTM polices, though due caution should be taken.

 

dstockwell@crawley.ac.uk wrote:

Im now going to speak to the boss and decide the best way forward. it does not look like there is any mechanism to disable html av filtering on a single domain? so i think we will have to set up a policy to be just monitor the AV traffic that is only used by the administrator that will be installing this software.

 

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Labels
Top Kudoed Authors