Skip to main content
snobs
New Member
January 11, 2019
Question

FG-500E: HTTPS web filter doesn´t work

  • January 11, 2019
  • 1 reply
  • 3322 views

Hello,

 

web filter with domains starting with https doesn´t work. Something is missing.

- Is it possible to activate SSL Inspection for "static URL filter" (web filter) without activating "deep inspection"?

 

I looked for possibilities around the web for activating SSL Inspection:

 

config system global
set gui-webfilter-advanced enable

=> set gui-webfilter-advanced enable doesn´t exist

 


config webfilter profile
edit "phishing"
set inspection-mode flow-based
set options https-scan

=> "set options https-scan" doesn´t exist

 

config firewall profile-protocol-options
edit phishing
config https

=> "confige https" doesn´t exist

 

Any hints would be great

Regards

1 reply

bmorris
New Member
February 13, 2019

You will need to configure SSL Deep Packet inspection to enable the functionality you need. Without it the FortiGate cannot identify whether the traffic should be allowed or denied if the traffic is encrypyted (HTTPS/SSL).