Thank you for your explanation and cooperation My actual question, The outbound traffic from the Inside to the internet (the end-user is using FortiGate certificates in browser-trusted location) currently, Fortinet is doing the SSL Inspection and acts as a forward proxy for the user internet traffic. Palo alto as a parameter firewall that acts as transparent for the Fortinet inspected Traffics (means current PA doesn’t Inspect the received traffic it’s just forward the received traffic from Fortinet firewall. ) My Expectation, as users, brings the Fortinet certificate to browse the trusted sites. The Palo alto to inspect the SSL traffic too, whichever comes from Fortinet firewall, That means users bring the Fortinet certificate from the trust LAN to browse the internet and the Fortinet firewalls perform the SSL Inspection as the first stage level, then it's forward to PA for SSL inspection as a second stage. In short, I am looking for that, Palo alto to do the SSL inspection with the Fortinet certificate which is already inspecting by the Fortinet FW. Please advise me... its achievable or its the right way to do inspection with box.
... View more