enable sni on a fortiweb for back-end servers in a ADFS configuration

No Comments
Jul, 21, 2017
Angelo Schalley
adfs/saml, Fortigate/Fortinet, FortiWeb, Networking, security

Configuring server-side SNI support (needed for Microsoft ADFS)

FortiWeb supports server-side SNI (Server Name Indication). You use this feature when you have the following configuration requirements:

The operating mode is reverse proxy or true transparent proxy.
You offload SSL/TLS processing to FortiWeb and use SSL/TLS for connections between FortiWeb and the pool member (end-to-end encryption).
One or more server pool members require SNI support.

common used snmp oid fortigate mib core

CORE:

Traps:

.1.3.6.1.4.1.12356.100.1.3.0.101
Indicates that the CPU usage has exceeded the configured threshold.

.1.3.6.1.4.1.12356.100.1.3.0.102
Indicates memory usage has exceeded the configured threshold.

.1.3.6.1.4.1.12356.100.1.3.0.103
Log disk usage has exceeded the configured threshold.

config vdom

edit “vdom name”

config system interface

edit “interface name” (lookup via “show” when in ‘config system interface’ mode)

set secondary-IP {enable | disable}

config secondaryip

edit 1 (or any other number)

set ip <ipv4-classnet-host>

set allowaccess {ping | https | ssh | snmp | http | telnet | fgfm | auto-ipsec}

enable sni on a fortiweb for back-end servers in a ADFS configuration

enable sni on a fortiweb for back-end servers in a ADFS configuration

common used snmp oid fortigate mib core

configure secondary ip address on a Fortigate command line

Tag Cloud

Categories

Meta