Description
Under UTM Profiles > Application Control > Application Sensor a user is able to use the filter function to search for and select which applications to use in the profile. The filtering function incorrectly matches certain categories as selected in the filter box on the left.
In the example below, choosing category P@P incorrectly displays Proxy entries in the Applications / Settings box on the right. This results in an incorrect application being applied in the UTM profile and thus the FortiGate device fails to filter the correct application.
Scope
All FortiGate models running FortiOS v4.0 MR3 Patch Release 1 through 4 inclusive and using IPS signature version 3.00136 and later.
Solution
The problem is resolved in the upcoming release of FortiOS v4.0 MR3 Patch Release 5 (B0513). For users running FortiOS v4.0 MR3 Patch Release 1 through 4 inclusive, you may use the CLI to workaround the web UI issue.
The following example was created via the GUI, P2P was selected but Proxy is displayed with related applications:
The following commands can be used to correct the mismatch:
config application list edit default config entries edit 1 set category ID Select Category ID 1 IM 2 P2P 3 VoIP 5 Media 6 Proxy 7 Remote.Access 8 Game 12 Web 13 Protocol.Command 15 Network.Service 16 Business 17 Update 19 Botnet 21 eMail set category 2 end |
The GUI now reflects the correct category of P2P: