Skip to main content
simonl
simonl
New Member
July 9, 2019
Solved

URL still blocked after allowing in web filter & DNS filter

  • July 9, 2019
  • 1 reply
  • 41798 views

Hi all,

 

A weird one. I've added a URL in the web filter and DNS filter and set it to allow. However the URL still gets blocked. I've also added a web rating override to make it unrated and still no luck. I'm not sure if this is a bug (couldn't find evidence of one), or if I'm missing something.

 

Web Page Blocked!

You have tried to access a web page which is in violation of your internet usage policy.

URL: ***** Category: Spam URLs User name: Group name:

 

Any help is appreciated.

Best answer by Dave_Hall

 

Assuming URL filtering hasn't changed that much since the 4.3 days, setting the URL to allow will still subject the URL to other UTM rules, you may want to Exempt the URL assuming it is a trusted site.   reclassifying a URL to unrated has it's own problems, depending how the fgt handles those type of sites (either blocks or allows) by default.  You may have better luck assigning a local rating or reclassifying the url as a known category (such as a government site).

 

 

 

1 reply

hubertzw
hubertzw
New Member
July 10, 2019

Can you show us logs from Web and DNS? There should be information about policy ID, security profile name etc.

simonl
simonlAuthor
New Member
July 10, 2019

Ah, the web filter logs show that the request passes through

Profile Name: default

Request Type: direct

Direction: outgoing

URL Filter Index: 1

URL Filter List: default

Message: URL was allowed because it is in the URL filter list

 

Then the next entry says it's been blocked

Profile Name: default

Request Type: direct

Direction: outgoing

Method: domain

Category: 86

Category Description: Spam URLs

Message: URL belongs to a denied category in policy

 

So that makes even less sense. The web filtering policy is quoted in both the pass through and blocked log entries.

hubertzw
hubertzw
New Member
July 10, 2019

What is your software version?

 

Inspection order 1) static URL filter 2) FortiGuard category filter 3) advanced filters

 

so the check should stop on the 1st entry - static URL filter and permit the traffic.

 

Just to be sure: the logs came from the same policy ID and from the same profile, right? Web or dns?

Terms & ConditionsAccessibility statement