Fortinet black logo

FortiGate-7000F Handbook

Global option for proxy-based certificate queries

Copy Link
Copy Doc ID f500a482-2873-11ec-8c53-00505692583a:334161
Download PDF

Global option for proxy-based certificate queries

In some cases you may want to be able to send certificate queries using a FortiGate-7000F management interface instead of a data interface. FortiGate-7000F includes the following global command that you can use to enable or disable using a data interface or a system management interface for certificate queries for proxy-based firewall policies.

config global

config system global

set proxy-cert-use-mgmt-vdom {disable | enable}

end

This option is disabled by default and by default data interfaces are used to send certificate queries for proxy-based firewall policies. Enable this option to send certificate queries for proxy-based firewall policies through the mgmt-vdom VDOM using FortiGate-7000F management interfaces.

Global option for proxy-based certificate queries

In some cases you may want to be able to send certificate queries using a FortiGate-7000F management interface instead of a data interface. FortiGate-7000F includes the following global command that you can use to enable or disable using a data interface or a system management interface for certificate queries for proxy-based firewall policies.

config global

config system global

set proxy-cert-use-mgmt-vdom {disable | enable}

end

This option is disabled by default and by default data interfaces are used to send certificate queries for proxy-based firewall policies. Enable this option to send certificate queries for proxy-based firewall policies through the mgmt-vdom VDOM using FortiGate-7000F management interfaces.