Description
This article describes how to change the FortiGuard server port for URL rating.
FortiClient sends web filter URL rating requests to the FortiGuard server on UDP/8888 by default.
Sometimes ISP blocks UDP/8888 and this port can be changed to UDP/53 via the XML config file.
Solution
To change the port via FortiClient XML config file directly.
- Go to Settings -> System and select 'Backup' to export the XML config file.
-
Open the XML config file with the text editor and add <url>fgd1.fortigate.com:53</url> in the location below.
<categories>
<fortiguard>
<enabled>1</enabled>
<url>fgd1.fortigate.com:53</url>
<rate_ip_addresses>1</rate_ip_addresses> -
Restore the XML config file.
Change the port via the FortiClient XML config file from EMS.
- Go to Endpoint Profiles -> Web Filter Profile -> 'Your Profile' (In this example, the EMS Console version is 7.2.4).
- Enable the Advanced setting and go to XML Configuration to add <url>fgd1.fortigate.com:53</url> in the location below.
If the URL rating issue is present, modify:
Once the port is changed to UDP/53, FortiClient starts sending URL requests to the FortiGuard server on UDP/53.
In Wireshark, the packet entry appears like the following.
Related documents:
