Skip to main content
dontmindme
dontmindme
Explorer
November 17, 2021
Solved

Explicit Proxy in "Policy-based" mode?

  • November 17, 2021
  • 3 replies
  • 3615 views

Hi.

I switched from profile-based to policy-based and i cant find anywhere to add a explicit proxy on my firewall anymore? I have search for any features that are not available when enabling "policy-based" but i cant find any mentions of the explicit proxy feature dissapearing.

 

Any input?

Best answer by peter7979

NGFW policy-based I think is only flow based i.e. you cannot have proxy features

3 replies

peter7979
Staff & Editor
peter7979Answer
Staff & Editor
November 17, 2021

NGFW policy-based I think is only flow based i.e. you cannot have proxy features

    Debbie_FTNT
    Staff & Editor
    Debbie_FTNT
    Staff & Editor
    November 17, 2021

    Hi @dontmindme ,

     

    as @peter7979 mentioned, FortiGates or VDOMs in policy-mode are exclusively in flow-mode inspection; the Explicit Proxy feature however requires proxy-mode inspection (inspection mode used to be set per-VDOM even in profile-based mode), so explicit proxy is currently not possible in policy-mode.

     

    A note mentioning that policy-mode means flow-inspection only can be found here:

    https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/978598/profile-based-ngfw-vs-policy-based-ngfw

     

    Sorry to be the bearer of bad news.

      dontmindme
      dontmindmeAuthor
      Explorer
      November 17, 2021

      Thank you for the clarification!

       

      Terms & ConditionsAccessibility statement