Hello, I tried to follow intructions from Fortinet to be able able to create an automated Certificate for SSL VPN purpose but it's not working...
Requirements were : Public IP address with Hostname in DNS and it's ok
ACME interface without VIPS or port forwarding in 80 and 443, that's why I choose my second WAN link where there is nothing about that.
If you see this page it is because you have reached the default website.
This should not happen under normal circumstances. Probably you are trying to access your website using a name which has not been configured on your website, or your DNS record is not pointing to the right server.
think fortigate doesn't know about that subdomain?
We have a virtual wan link, 2 differents providers. I put WAN2 as this one is not using VIP nor port forwarding as describe in the documentation :
"The configured ACME interface must be public facing so that the FortiGate can listen for ACME update requests. It must not have any VIPs, or port forwarding on port 80 (HTTP) or 443 (HTTPS)."
Speak with Fortinet support.
IIRC, there was a problem with ACME and multiple WAN interfaces.
I don't remember which FortiOS was affected, nor which version fixes that problem.
Hello ! The problem is solved, I had a firewall rule using the port 443, the port which is using ACME, so we were able to make it work at the moment that we find it.
Nothing worked with the WAN2 so we did it with the WAN 1 !