It has two legs, with the FGT as a MiTM.
1st leg (client):
Web-browser------(forged CA cert)------FGT
2nd leg (server side):
FGT---------(real server cert)------WebServer
Ken Felix
PCNSE
NSE
StrongSwan
Thanks Ken for your answer.
So, regarding the session, it means that a TLS session will be made between the client and the FGT, and a second TLS session will be made between the FGT and the remote web server?
Client <=== tls#1 ===> FGT <=== tls#2 ===> Webserver
So the FGT will "break" the original TLS session?
What about the TCP session? Will it remain the same?
Client <--> FGT <--> Webserver
<===== TCP Session ====>
Thanks a lot