Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

FortiGate-6000 Handbook

Global option for proxy-based certificate queries

In some cases you may want to be able to send certificate queries using a FortiGate-6000 management interface instead of a data interface. FortiGate-6000 includes the following global command that you can use to enable or disable using a data interface or a system management interface for certificate queries for proxy-based firewall policies.

config global

config system global

set proxy-cert-use-mgmt-vdom {disable | enable}

end

This option is disabled by default and by default data interfaces are used to send certificate queries for proxy-based firewall policies. Enable this option to send certificate queries for proxy-based firewall policies through the mgmt-vdom VDOM using FortiGate-6000 management interfaces.

Global option for proxy-based certificate queries

In some cases you may want to be able to send certificate queries using a FortiGate-6000 management interface instead of a data interface. FortiGate-6000 includes the following global command that you can use to enable or disable using a data interface or a system management interface for certificate queries for proxy-based firewall policies.

config global

config system global

set proxy-cert-use-mgmt-vdom {disable | enable}

end

This option is disabled by default and by default data interfaces are used to send certificate queries for proxy-based firewall policies. Enable this option to send certificate queries for proxy-based firewall policies through the mgmt-vdom VDOM using FortiGate-6000 management interfaces.