[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 106
  • Last Modified:

Firewall issue with iPad restore though iTunes

I just installed a Fortigate 80D at a client site.  Installed fine but now client is saying that they cannot do a restore of their iPads and are getting a error when it tries to verify software?  Nothing is blocked going out of the firewall.  There is a content filter on Fortigate.  I have opened *.apple.com and *.verisign.com through the filter.  Any ideas what I might be missing?
0
DaveKall42
Asked:
DaveKall42
  • 5
  • 3
1 Solution
 
Peter LoobuyckCommented:
My best guess is that you scanning ssl traffic. I suggest you turn off all ssl filtering on the 17.0.0.0/8 subnet (it's all Apple).

The ipads will get through now..
0
 
DaveKall42Author Commented:
Ok, let me try that.
0
 
DaveKall42Author Commented:
I just created a new policy for lan to wan any to 17.0.0.0/8  for any ports with no services enabled on the policy.  That should work?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Peter LoobuyckCommented:
Yes, lan to wan to 17.0.0.0/8, without any um profile, just nat.
It's probably the deep ssl inspection. That replaces the ssl certificate to inspect it. Apple won't allow that I bet!
That should work.

Can you test it?
0
 
DaveKall42Author Commented:
I cannot today as I am not onsite.  Its a school so will be only able to test on Monday.
0
 
Peter LoobuyckCommented:
Allright, let me know on Monday if it's working or not..
0
 
DaveKall42Author Commented:
Will do, thanks so much for your help!
0
 
DaveKall42Author Commented:
Worked!!
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now