SSL DPI scanning not allowing iCloud and Apple Services
Hello,
This is my first post. So please be easy on me.
I have a FortiGate 200D and we are doing SSL DPI (Deep Packet Inspection) on all encrypted traffic. I noticed that all of my Apple devices do not allow me to update now. Also, I cannot log into iCloud using the Settings on my iPad devices.
Apple thinks it cannot trust the certificate because it thinks there's a man-in-the-middle attack. I can apply (accept) our firewall certs and access all port 443 websites (SSL) using Safari and no issues with that... it's just when the iPad itself tries to connect.
I'd like to set some exceptions in the firewall to skip all iCloud and Apple-related services. I tried *.icloud.com and *.itunes.com but it didn't work.
Does anyone know the FQDN for the sites or the IP addresses I will need to put as a DPI exception to allow that traffic to pass through our firewall?
Many Thanks! Also thanks for showing mercy.
Apple iPad 3, iPad Air 1, iOS 8.3
Joseph 😊
iPad (3rd gen) Wi-Fi, iOS 8.3