Created on 03-29-2024 09:15 AM Edited on 03-29-2024 09:16 AM By Jean-Philippe_P
Description |
This article describes a given scenario, where the Admin is not able to block any website using Webfilter profile. FortiGate has a reliable connection with FortiGuard servers with full licensing as well. Admin also has Custom-deep-inspection enabled.
Under the default profile, the admin has Streaming Media and Download Category disabled, and a URL filter for youtube.com has also been created.
The picture below shows that Youtube.com is still accessible even after blocking it in the Webfilter security profile.
The Screenshot below shows the root cause of the problem. Admin has Custom-deep-Inspection enabled on the policy but HTTPS inspection is disabled. Webfilter security profile checks the URL of the website and takes the appropriate action. Whereas in this scenario HTTPS inspection is disabled so Webfilter does not inspect any website.
|
Scope | FortiGate, All firmware. |
Solution |
After enabling the HTTPS inspection port under the Custom-deep-Inspection profile as shown above, the Webfilter would start inspecting the traffic and hence it is possible to see the block page below.
Related Articles : Troubleshooting Tip: Unable to connect to FortiGuard servers |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.