Skip to main content
matap123
matap123
New Member
March 12, 2013
Question

Can' t download files

  • March 12, 2013
  • 4 replies
  • 15798 views
Hi everyone. My boss installed a Fortinet Firewall in the office. It was configured by a so called expert and, since then, no one is to be able to download files. The download starts fine, but after a few seconds, the transfer rate drops to 0. Internet browsing works fine. I have administrative permissions on the firewall, so I tried to tweak it a little. I disabled QoS policies, UTM, logging and everything I could find for the group that I' m into, but still, I can' t download files. I know it' s kind of a long shot, but anyone had any similar experiences? Is the behaviour that I' m noticing controlled by a configuration that I' m overlooking? If anyone could help me, I will appreciate, because I' m about to set that Fortinet on fire

    4 replies

    Dave_Hall
    Dave_Hall
    New Member
    March 12, 2013
    Maybe check the Protocol Options used in the Firewall Policy(ies) to see how the fortigate is suppose to handle over-sized files (for the protocols involved). You may wish to check the Comfort Clients option if you want the Fortigate to give the impression that something is being download while it buffers the download into the fgt' s memory.
    matap123
    matap123Author
    New Member
    March 13, 2013
    Increasing the Threshold and setting the Comfort Clients improved it. Our files still get cancelled on the middle of a download, so we have to use download managers, but now every 20 mb or so. Previously, our downloads were being cancelled every 1 or 2 mb. I can live with that for now. Thanks a lot Dave
    Rick_H
    Rick_H
    New Member
    March 14, 2013
    In addition to turning " Comfort" on also make sure your " Oversized" setting is on Pass rather than Block. If using multiple protocol profiles make sure you have the right one set on your UTM-enabled policy.
    Dave_Hall
    Dave_Hall
    New Member
    March 13, 2013

    Our files still get cancelled on the middle of a download, so we have to use download managers, but now every 20 mb or so.
    If downloading >20 mb files is the norm in your company and these sites are reputable, you may want to create fqdn firewall objects for those site, put them into groups, then create a firewall policy giving lesser restricted (or free) access to those sites. (If enabling UTM on this new firewall policy, create a separate Protocol Options policy for that firewall to allow oversized files to pass.) Then move this firewall policy up in the firewall policy list so it is triggered. We have a standard firewall policy like the above that pretty much allows unrestricted/unblocked access to the Microsoft download/update sites. See this thread.

    networkingkool
    networkingkool
    New Member
    May 3, 2013
    In My Fortigate OS ver 5.0 there is only 1 option " block file/email that exceed the threshold limit" My Fortigate has only setting for http protocol. The Https protocol is no longer exist in both web manager and CLI. I want to limit my users to upload file (size < 50 MB) to sharing website using HTTP POST Comfort Action. But some sharing website like mediafire.com maybe use HTTPS to transfer. Can someone give me any ideas? Thanks you very much
    Terms & ConditionsAccessibility statement