Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
417
Views
0
Helpful
1
Replies

REM 11.6 IE 11 connection problem

Gustavo Javier Chiarelli
Level 4
Level 4

‎09-27-2017 08:45 AM

Hi everyone, We installed REM 11.5(1), now upgraded to 11.6(1) in a customer that is not using Reverse proxy, instead is using Fortinet FW that is doing SSL offloading and NAT, Connection from outside using Chrome and Firefox works fine, but with IE11 connection failed, stayed in "connecting" state, looking the plugin LOG file, we found that there is "tls handshake failed" error, do you know what are the requirements for the public certificate? The certificate is from Comodo, and works well for other applications and Chrome/ Firefox web browsers.

The certificate is loading in FW, from the inside network, we can connect with any problem with IE11

On the other side, customer wants to REAS node do the "ssl ofloading" and load the public certificate, is that supported? I did not find nothing about that in documentation, will this consume a lot of cpu resources?

Excuse me for my English...is not my native language.

Regards

Gustavo

Labels:
0 Helpful
1 Reply 1

robdoyle
Cisco Employee
Cisco Employee

‎09-29-2017 06:47 AM

Hi Gustavo,

It sounds like IE is not happy with the handshake on the Fortinet FW. Perhaps speak to Fortinet support regarding that? Some of the connections need to be upgradable to websockets and not all firewalls will support this by default.

On the other point, the REAS server isn't designed to be externally facing and would be vulnerable to attack so your customer is best to keep with the recommended architecture as outlined in the design guide.

Regards,

Rob

0 Helpful
Customers Also Viewed These Support Documents