Skip to main content
mmachado
mmachado
New Member
January 10, 2017
Question

WEB Filter on Non Standard Ports

  • January 10, 2017
  • 2 replies
  • 17065 views

Hi team,

 

I configured the web-filter feature to block some Urls categories, the problem is that the feature only works on port 80 and 443, and a lot of webpages running on non-standard ports like 8080, 8014, 8015 are not categorized and blocked by the Fortigate.(I have a policy with the services "all" enabled).

 

I found this KB:

http://kb.fortinet.com/kb/documentLink.do?externalID=FD31729

 

You can add the ports to inspect, but since the device don't support a port-range 1-65535, It is not a viable solution, imagine I need to add all this ports one by one.

 

My question is, how can I inspect the protocol http and https, and not only the ports 80 and 443?

Any ideas?

Thanks.

2 replies

boneyard
boneyard
Valued Contributor
January 10, 2017

have a look at the proxy profile, it determines which ports are associated with a protocol.

Alby23
Alby23
New Member
January 12, 2017

One choice is to use WebFilter in flow mode and not in proxy mode.

    agetic-ufms
    agetic-ufms
    Visitor III
    June 3, 2022

    It worked like a charm. Thank you - Fortigate 6.4

    Terms & ConditionsAccessibility statement