Solved

Websense and Fortinet

Posted on 2014-03-04
1
2,193 Views
Last Modified: 2014-04-03
I'm trying to setup web filtering with Websense appliance and a fortinet 300c firewall.   I have had several long conference calls with both companies and it's still not working.  Websense said they will only support policy based routing with the Fortinet.  They only support WCCP with Cisco.  Fortinet put in the rule, yet NO traffic is  hitting the websense appliance.  When we put websense appliance as a proxy in IE it works fine.  That's not a solution though as we have people using every browser out there.  Does anybody have an experience with this or suggestions?
0
Comment
Question by:rsl-nsg
1 Comment
 
LVL 10

Accepted Solution

by:
0xSaPx0 earned 500 total points
ID: 39942607
First off you will need to make sure you have both websense configured and the fortinet.

Here is a quick guide for the fortinet : http://kb.fortinet.com/kb/viewContent.do?externalId=FD32926

 WCCP on Websense can be found in the Content gateway documentation:
http://www.websense.com/content/support/library/web/v78/wcg_help/first.aspx


The next step is to setup debugs on the firewall to see if packets are redirecting to the appliance properly.

If thats working, you can use tcpdump from the Websense toolbox to see if packets are getting to websense and what responses are being sent out. That should help isolate the cause and make it possible to engage the correct support team.

Beyond that, I can say Websense WCCP support i designed for Cisco, and can work with other vendors but they must be RFC complaint to the T. Best of luck and if nothing works remember there are other ways to do Transparent proxying using websense such as using the network agent.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
An overview of HIPAA and guidance on this topic that Experts Exchange members can offer.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now