Solved

Firewall issue with iPad restore though iTunes

Posted on 2015-02-06
8
99 Views
Last Modified: 2015-02-17
I just installed a Fortigate 80D at a client site.  Installed fine but now client is saying that they cannot do a restore of their iPads and are getting a error when it tries to verify software?  Nothing is blocked going out of the firewall.  There is a content filter on Fortigate.  I have opened *.apple.com and *.verisign.com through the filter.  Any ideas what I might be missing?
0
Comment
Question by:DaveKall42
  • 5
  • 3
8 Comments
 
LVL 7

Accepted Solution

by:
Peter Loobuyck earned 500 total points
ID: 40595642
My best guess is that you scanning ssl traffic. I suggest you turn off all ssl filtering on the 17.0.0.0/8 subnet (it's all Apple).

The ipads will get through now..
0
 

Author Comment

by:DaveKall42
ID: 40595705
Ok, let me try that.
0
 

Author Comment

by:DaveKall42
ID: 40595709
I just created a new policy for lan to wan any to 17.0.0.0/8  for any ports with no services enabled on the policy.  That should work?
0
 
LVL 7

Expert Comment

by:Peter Loobuyck
ID: 40595754
Yes, lan to wan to 17.0.0.0/8, without any um profile, just nat.
It's probably the deep ssl inspection. That replaces the ssl certificate to inspect it. Apple won't allow that I bet!
That should work.

Can you test it?
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:DaveKall42
ID: 40595755
I cannot today as I am not onsite.  Its a school so will be only able to test on Monday.
0
 
LVL 7

Expert Comment

by:Peter Loobuyck
ID: 40595768
Allright, let me know on Monday if it's working or not..
0
 

Author Comment

by:DaveKall42
ID: 40595770
Will do, thanks so much for your help!
0
 

Author Closing Comment

by:DaveKall42
ID: 40615518
Worked!!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

iPad in the Business – Quick Start Part 1 Getting Started with Active Sync Mail Many people seem to have issues connecting their iOS device to their company Exchange Server and this article covers the steps for Active Sync configuration as wel…
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now