Can someone give a quick overview (or point me to docs please) of how
FPX matches explicit proxy traffic it gets _in detail_? From what I
understand so far* Policy looks at ACE of type explicit proxy and tries
to match (interfaces,src,dst,schedule,se...
I see this has been added in 7.4, which is a good thing, but it is
somehow very
limited.(https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/266506/ssl-vpn-with-certificate-authentication)UPDATE:
correct link is:
https://docs.fort...
Do I have to include the delimiters!? I.e. do I have to
write/fortinet/orfortinetWhat if I'm matching a path?Do I
write/fortinet\.com\/blub/or can I change the delimiter which makes it
more readable?|fortinet\.com/blub|or is it already escaping on it...
I am having a hard time figuring out how exactly a decision is taken
when multiple UTM profiles and multiple rules are in play. But let's
have a simple example: I have a HTTP request that goes into category
"Information Technology".However it is bein...
Hello. Two questions: 1) Does FortiProxy Eval (VM) allow to do SSL
interception? I tried (enabled deep inspection for a policy item) but
nothing happens: I just see the original certs being used when browsing
through the proxy. 2) I would like to kno...
Sure but the problem is sending the info to radiusconfig user radius
edit set account-key-processing {same | strip} set
account-key-cert-field {othername | rfc822name | dnsname} <----- not
many options next endAlso it requires adding a local user......
That works well unless you want to use a captive portal to authenticate
the connection to the virtual server. In this case it will present the
portal using HTTP and not HTTPS which is not good.
I didn't even realize there was another DB besides Webfilter and
Appcontrol, namely "internet services".... :flushed_face:Thanks for all
the valuable information so far. UPDATE Oh that's because they are not
shown on the quick edit pane. You have to ...
Hello, So if I want to do the following, how do I do it without losing
overview of my rules? All users have access to everything, restricted by
webfilter and appcontrol:* Source: IP/Usergroup* Destination: all*
Service: HTTP/HTTPS* Security Profiles:...
