Unable to use SSL Inspection on NGFW Policy mode

Author
AlexeyKo
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/08/19 23:09:54
  • Status: offline
2019/08/19 23:28:49 (permalink)
0

Unable to use SSL Inspection on NGFW Policy mode

Hi All,
 
Apologies ahead for my English as it not my native language.
 
We run on our LAN Fortigate 3000D with 6.0.4 OS, NGFW Policy mode inspection.
I want to apply SSL Inspection on Internet traffic on different ports, decrypt SSL on port 8080 towards our Proxy server and Decrypt SSL on port 443 for direct internet access.
I have configured different SSL-Inspection profiles for different ports and different certificates for each, however, when i went to apply a profile to some test policy the ssl-inspection bar is grey out.
Some point -
  • Use multiple security profiles enabled under feature visibility.
  • When you pick NGFW policy mode on 6.0 you have to pick some default ssl-inspection profile, which i did for simple certificate inspection.
  • On YouTube i found some video made by Guru where i saw that different inspection profiles is an option on NGFW policy mode and there is no only one default profile for all my traffic. https://www.youtube.com/watch?v=4rbcr5DcjKY3
  • Didnt find any option under CLI which enable or disable use of multiple ssl-profiles.
I have opened a TAC ticket but no answer yet so i turn to public help, does anyone faced same issue and were able to fix it?
 
Thanks for any help,
Alexey
#1

0 Replies Related Threads

    Jump to:
    © 2019 APG vNext Commercial Version 5.5