Skip to main content
AHoffpauir
AHoffpauir
Explorer
November 26, 2024
Solved

Fortigate 30G can't add AntiVirus and Web Filter profiles to Firewall Policies

  • November 26, 2024
  • 6 replies
  • 6935 views

I am having an issue with AntiVirus and Web Filter. I have profiles created but I can't add them in the firewall policies. It has a field to add them but the drop down list doesn't show any of the created profiles.
FortiGate-30G
v7.2.8 build6390 (Mature)

Fortigate 30G Profile in Policies issue.JPG

 

Best answer by mzainuddinahm

Currently, this is being investigated by the engineering team on Fortigate/FortiWiFi 30/31G running FortiOS 7.2.8GA.

 

Workaround:

Until this is fixed, the Webfilter & Antivirus profiles can be enabled using the CLI

 

config firewall policy
edit <policyid>

set utm-status enable

set av-profile <profile_name>

set webfilter-profile <profile_name>

end

6 replies

DPadula
Staff & Editor
DPadula
Staff & Editor
November 26, 2024

Did you create a proxy or flow based profile? 
Change the firewall rule from one mode to another and confirm if the profiles created shown up.

    AHoffpauir
    AHoffpauirAuthor
    Explorer
    November 26, 2024

    I don't see an option for proxy or flow. I am trying both the default profiles that came with the firewall as well as profiles I created.

    Fortigate 30G Profile in Policies issue 2.JPG

     

    Fortigate 30G Profile in Policies issue 3.JPG

     

    sjoshi
    Staff
    sjoshi
    Staff
    November 27, 2024

    please check from the CLI and make sure if the firewall policy is in flow mode then the AV and webfilter should also be in flow mode.

     

    config webfilter profile
    edit "new-wf-profile"
    set feature-set {flow | proxy}
    end

    Thanks, Salon
      AHoffpauir
      AHoffpauirAuthor
      Explorer
      November 27, 2024

      There is no "feature-set" set command (see attached screenshot)

      Fortigate 30G Profile in Policies issue 5.JPG

       

      AHoffpauir
      AHoffpauirAuthor
      Explorer
      December 11, 2024

      I still haven't found a fix for this, any ideas?

      sjoshi
      Staff
      sjoshi
      Staff
      December 11, 2024

      can you let me know your exact FGT version? Is it in v7.4+ version

      Also the model is 30G ryt?

      Thanks, Salon
        AHoffpauir
        AHoffpauirAuthor
        Explorer
        December 11, 2024

        FortiGate-30G
        v7.2.8 build6390 (Mature)
        I included this information in the original post

        mzainuddinahm
        Staff & Editor
        mzainuddinahmAnswer
        Staff & Editor
        December 18, 2024

        Currently, this is being investigated by the engineering team on Fortigate/FortiWiFi 30/31G running FortiOS 7.2.8GA.

         

        Workaround:

        Until this is fixed, the Webfilter & Antivirus profiles can be enabled using the CLI

         

        config firewall policy
        edit <policyid>

        set utm-status enable

        set av-profile <profile_name>

        set webfilter-profile <profile_name>

        end

          mahesh_pm
          mahesh_pm
          Explorer
          May 16, 2025

          update to 7.2.11

          AHoffpauir
          AHoffpauirAuthor
          Explorer
          May 16, 2025
           

          Fortifail.png

          "I've been struggling with FortiGate for 6 months now. The OS upgrade process is overly complicated, requiring too many steps. My Palo Alto, despite its own issues, at least handles updates smoothly. Looking for a simpler solution, any suggestions?"

           

          absolute_mad_lad
          absolute_mad_lad
          Visitor III
          May 26, 2025

          This bug also seems to impact the FortiGate-60F running v7.6.3 build3510 (Feature). Your provided workaround is required for me to leverage web filtering in my environment.

          Terms & ConditionsAccessibility statement