Skip to main content
Quint021
Staff
Quint021
Staff
May 19, 2025

Technical Tip: Unable to create a DLP profile rule with only file-type set in the GUI

  • May 19, 2025
  • 0 replies
  • 342 views
Description This article describes the error encountered where a DLP Sensor is a mandatory field when attempting to create a DLP profile rule of only file-type in the GUI.
Scope FortiGate v7.4, v7.6.
Solution

When navigating to Security Profiles -> Data Loss Prevention -> [Profile Tab] -> Create New -> New Rule, the following error can be encountered after attempting to save a file-type only rule:

 

Mandatory_sensor.PNG

 

Workaround.

  1. Create a File Type in the CLI

 

config dlp filepattern
    edit 300
        set name "JPEG Type"
            config entries
                edit "JPEG"
                    set filter-type type
                    set file-type jpeg
                next
            end
    next
end

 

  1. Create a File-Type only profile rule in the CLI.

 

config dlp profile
    edit "Block JPEG"
        config rule
            edit 1
                set proto smtp pop3 imap http-get http-post ftp nntp cifs
                set file-type 300
                set action block
            next
        end
    next

end

 

This issue has a tentative fix in v7.4.8 and v7.6.4.
    Terms & ConditionsAccessibility statement