Open TheSparrowB opened 2 years ago
Did FortiGuard install your own certificate for you? Check by opening, for example, GitHub, clicking on the lock icon in the address bar, and viewing certificate details -> issuer.
Hi. Thanks for the fast response. This is what it shows.
Try to visit the desired site via HTTPS
Ok. With https the result is the same.
You may try to enable SNI Modification, so it will be difficult to detect to which site you are trying to connect.
Use, for example, github.com
as fake SNI host.
You will need to import the certificate (powertunnel.pem
) to Firefox: instruction
Ok. I activated SNI and disabled https chunking.
Then I added some sites in the blacklist.
I installed the certificate in the PC with success.
I imported the .pem file in firefox too. But then when I try to access (i.e. cuevana) then it shows this.
Change Spoil SNI to Fake SNI and set github.com
as fake SNI host.
Ok. I changed it.
But no changes from previous result.
I think the TLS connection is still being interrupted by the firewall. Something is wrong with the MITM implementation in PowerTunnel >= 2.0, try this version: https://github.com/krlvm/PowerTunnel/releases/tag/v1.14
You will need to install the certificate again
Ok. I tried the other version and removed both certificates from broser and local machine. Then installed again. The configuration is like this:
The blacklist is the same:
But this time when I activate the proxy on firefox. I don't have access to any webpage. Just localhost.
This is the error.
The blacklist in the old versions that you showed is not needed to unlock something, but on the contrary, to block something.
Shutdown PowerTunnel server, clear the blacklist, uncheck this and try again with cuevana
:
Ok. Cleared the flags.
Cleared the blacklist.
Now I have access to other pages but still can't access to cuevana.
Apparently they still use SNI filtering, though I can't confirm this as I don't have anywhere to test it. The last thing worth trying is switching to Erase SNI mode.
Ohh well, I tried now with the "erase" mode and still no changes. One thing I noted is that now this error appears in most pages now.
Well, I think the security is heavy in my workplace so, there's nothing more to do. Thanks for all pal.
Hi. I ran this software on my workplace PC. I haven't changed any parameters from the plugins. Then, I configured the proxy (as shown) in the firefox browser.
But when I try to enter in a blocked page like cuevana, this thing appears.
Is there a way to make it work to bypass the fortiguard firewall? Am i missing something? Do I need to add an extra plugin?. Please I need help.