Solved

Fortigate not allowing connections to IP based URL

Posted on 2014-02-06
2
904 Views
Last Modified: 2014-03-27
We have a FortiWiFi 40C protecting our network.

We need to connect to a site on the web that does not have a DNS name but only an IP address.

It tries to connect and says "this page cannot be displayed" and gives an option to fix connection problems?

if I try to connect to the same site using the WiFi connection on the same Fortigate it works fine, as well as from outside the network.

Is there some setting that has disabled connections to sites that use an IP address and not a "name" or is it possible that it checks reverse lookups and rejects the browse because of this ?

thank you
0
Comment
Question by:terryfos
  • 2
2 Comments
 
LVL 62

Expert Comment

by:btan
ID: 39843383
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 39843386
In the extreme to see if it is the box, disable the policy and see if the traffic goes through for IP and URL, else review the web filter rules and in particular this one below

http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/UTM/cb_utm_wf_check_ip_addresses.html

Also the web sites your users visit will be recorded in the UTM log. The default settings of the UTM log page do not display the URLs. Configure the log settings to display URLs. When you view the UTM log, the hostname column will display the domain name of site, and the URL will display the path of the file accessed on the host.

http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/UTM/cb_utm_wf_block_urls.html
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question