Solved

Fortigate not allowing connections to IP based URL

Posted on 2014-02-06
2
982 Views
Last Modified: 2014-03-27
We have a FortiWiFi 40C protecting our network.

We need to connect to a site on the web that does not have a DNS name but only an IP address.

It tries to connect and says "this page cannot be displayed" and gives an option to fix connection problems?

if I try to connect to the same site using the WiFi connection on the same Fortigate it works fine, as well as from outside the network.

Is there some setting that has disabled connections to sites that use an IP address and not a "name" or is it possible that it checks reverse lookups and rejects the browse because of this ?

thank you
0
Comment
Question by:terryfos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 63

Expert Comment

by:btan
ID: 39843383
0
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 39843386
In the extreme to see if it is the box, disable the policy and see if the traffic goes through for IP and URL, else review the web filter rules and in particular this one below

http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/UTM/cb_utm_wf_check_ip_addresses.html

Also the web sites your users visit will be recorded in the UTM log. The default settings of the UTM log page do not display the URLs. Configure the log settings to display URLs. When you view the UTM log, the hostname column will display the domain name of site, and the URL will display the path of the file accessed on the host.

http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/UTM/cb_utm_wf_block_urls.html
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Read about achieving the basic levels of HRIS security in the workplace.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question