Disable FortiGate SSL Inspection

FortiGate SSL/TLS inspection is the process of intercepting SSL/TLS encrypted Internet communication between the client and the server. Interception can be performed between the sender and the receiver and vice versa (receiver to sender) – it is the same technique used in man-in-the-middle (MiTM) attacks without the consent of both entities.

SSL/TLS Deep Inspection in Practice

When Deep Inspection is used, the FortiGate impersonates the recipient of the originating SSL session, then decrypts and inspects the content to find threats and block them. It then re-encrypts the content and sends it to the real recipient.

In practice, this sometimes leads to unwanted blocking, especially when using self-signed SSL certificates, and the FortiGate behaves like a black box. It is also often found that the connection to the Exchange Server is denied for Outlook clients, with Outlook issuing the following error.

There is a problem with the proxy server’s security certificate.
The name on the security certificate is invalid or does not match the name mail.example.org.
Outlook cannot connect to the proxy server. (Error code 8000000).

To disable the FortiGate SSL Inspection completely, you can create a clone for the Read-only Profile no-inspection under Security Profiles – SSL/SSH Inspection and configure it accordingly.

Under Protocol Port Mapping, an unused port is entered for HTTPS, which means that SSL/TLS Deep Inspection no longer takes place for port 443. Enable the configured custom-no-inspection profile for the corresponding policy. For policies for internal and VPN connections, SSL/TLS deep inspection should not be required.

Mark Block and Area in Windows Terminal

in addition to the ability to mark a character, a word and lines, windows terminal also provides to mark a block

A marking mode that can be particularly useful for tabular work. It is allowed to mark and edit information that is directly adjacent to each other, without including the entire lines in the marking and editing.

The Alt key is used for the block marking. Position the mouse pointer at the beginning or end of the block, press the Alt key together with the left mouse button and drag the marker to the other end of the block. The selected block is automatically copied to the clipboard.

Exit mobile version