Skip to main content
bmcnicholl86
bmcnicholl86
New Member
October 26, 2020
Question

gstatic.com/generate_204

  • October 26, 2020
  • 4 replies
  • 37944 views

Hi Everyone.

I have a customer who has a FGT 80E with full UTM features. The main web policy has Web Filtering, IPS, AV and SSL inspection Security Profiles assigned. The end users are reporting that randomly they will get redirected to gstatic.com/generate_204. Looking the browser history under gstatic.com/generate_204 it references "Fortinet DNS Service" which made me wonder if it was one of the Security Profiles causing the issue. I removed all profiles from the web rule and the issue still occurred.

 

I then came across this KB (https://kb.fortinet.com/kb/documentLink.do?externalID=FD36680) regarding  QUIC (Quick UDP Internet Connections) and as the customer had reported that the issue was with Google Chrome, I asked them to implement Method 1 from the KB on a machine that was experiencing the issue. Unfortunately this did not resolve the issue.

 

I have looked at the logs on the FGT and there is nothing there to help me. I am not convinced its a FGT issue (although the reference the Fortinet DNS Service is making me doubt myself) so I am hoping that someone here has seen this before? I have also raised a support ticket with Fortinet in the hope this has been seen before.

 

The FGT is running firmware v6.4.1 build1637 (GA).

 

Note: I have seen this error message when dealing with CWPs in the past but this is not applicable in this instance.

 

TIA.

    4 replies

    lobstercreed
    lobstercreed
    New Member
    October 26, 2020

    I don't think I've seen this before, but you do know 6.4.2 and 6.4.3 have been released, right?  I would recommend upgrading to 6.4.3 ASAP. 

     

    6.4.1 was crazy buggy and we saw things that didn't make any sense to us.  It was such a relief when 6.4.2 came out.

     

    FWIW, we saw strange things that sound *somewhat* like this on proxy mode policies.  Flow mode would fix it for us.  The issue was the SSL inspection, so we could either turn it completely off (no_inspection profile) or change to flow mode.

    bmcnicholl86
    bmcnicholl86Author
    New Member
    October 26, 2020
    lobstercreed wrote:
    I don't think I've seen this before, but you do know 6.4.2 and 6.4.3 have been released, right?  I would recommend upgrading to 6.4.3 ASAP.    6.4.1 was crazy buggy and we saw things that didn't make any sense to us.  It was such a relief when 6.4.2 came out.   FWIW, we saw strange things that sound *somewhat* like this on proxy mode policies.  Flow mode would fix it for us.  The issue was the SSL inspection, so we could either turn it completely off (no_inspection profile) or change to flow mode.
    Thanks for this. I realised that going from 6.0.x to 6.4.1 changed the default behaviour of the security profile from flow mode to proxy meaning that some of the profiles were rendered useless even though they were applied to flow based rule (exclamation mark was displayed beside the profile that was affected). Having read some forums, I was hopeful that switching the profiles to flow based would help but nope. Always conscious of rocking a new FW hence the reason we haven't upgraded to 6.4.3. You running 6.4.3 currently without issue?
    lobstercreed
    lobstercreed
    New Member
    October 26, 2020

    Yes, I upgraded Friday morning - no issues so far.  If you'd feel better, at least go to 6.4.2.  I was on it since the day after it came out and was never so happy to upgrade.  Had 4 TAC cases open on 6.4.1 for serious issues.

    FranKieSixx
    FranKieSixx
    New Member
    July 25, 2022

    Good morning,

    I'm reopening this thread because I'm struggling a lot.

    Every time a user tries to access internet via hotel/airport Wifi, Fortinet shows the "URL Blocked by FortiClient" with these details: "www.gstatic.com/generate_204 is in the category Unknown. FortiClient has been configured to block unrated URLs. This URL was categorized as unrated because the FortiGuard URL rating service is inaccessible."

    asd.jpg

     

     

     

     

     

     

     

     

     

     

     

     

     

     

    We have this issue since ever, starting from firmware v. 6.4 as I remember. 

    Actual details: FortiGate 200E, v. 7.2.0 build 1157.

     

    Is there a way to finally solve it? It's pretty annoying, especially when people is outside Europe and mobile hotspots are too expensive.

      Marcellomelan
      Marcellomelan
      New Member
      September 25, 2023

      Hey there! It sounds like you're dealing with quite the tech mystery. I've encountered similar issues before, and they can be quite frustrating. You've taken the right steps by checking logs and reaching out to Fortinet support. I also suggest you check for some guides at https://www.techtapto.com/what-is-gstatic-why-you-see-it-often/. Keep us updated on how it goes!

      SkylarDe
      SkylarDe
      New Member
      April 9, 2026

      I’ve run into that gstatic pop-up a few times with FortiGate setups. It’s usually just the device trying to verify internet connectivity through a captive portal check. If it keeps popping up even after you're authenticated, it might be a DNS or certificate issue on the firewall side.

      One weird thing I noticed is that it sometimes triggers when browsers try to load complex HTML elements in things like email signatures or auto-updates. I actually had a similar redirect issue recently and found that simplifying my HTML signature with this generator helped stop some of those odd browser behaviors. Might be worth checking if any background apps are hitting that URL!

      Terms & ConditionsAccessibility statement