Created on 04-18-2020 07:25 AM Edited on 05-26-2022 11:43 AM By Anonymous
Description
This article describes how to customize replacement messages for individual web filter profiles.
Related article.
https://docs.fortinet.com/document/fortigate/7.0.0/administration-guide/853773/replacement-message-g...
Solution
Replacement message groups allow to customize replacement messages for individual policies and profiles.
There are two types of replacement message groups:
- Utm: used with UTM settings in firewall policies. Messages in the following categories can be customized: mail, http, web proxy, ftp, nntp, FortiGuard-wf, spam, alertmail, admin, sslvpn, nac-quar, traffic-quota, utm, custom-message, and icap.
- Auth: used with authentication pages in firewall policies. Messages in the following categories can be customized: web proxy and auth.
To create a replacement message group in the GUI:
Make replacement message groups visible in the GUI with the following CLI command:
# config system settings1) Two replacement message groups have been created.
set gui-replacement-message-groups enable
end
Facebook block is one of the group and Twitter is the another one.
Refer to the pictures below.
Note:
Both belong to Security group type.
2) Along with this, two web filter profiles have been created.
Facebook is the name of the first and Twitter is the second.
3) Facebook website is blocked on Facebook's web filter profile and Twitter website is blocked on Twitter's web filter profile too.
4)Along with this, two policies for two hosts have been created.
One policy has Facebook's web filter profile(to block Facebook) while the other one has Twitter web filter profile (to block Twitter).
5) Now as soon as the traffic is initiated, the traffic will be blocked along with that replacement message will be displayed.
In PC 1.
In PC 2.
From the above, pictures that two separate block pages are visible.Iin order to do this, follow these steps:
1) Edit the replacement message groups (it will redirect the user to replacement message tab) and search for URL block page then customize accordingly.
2) Navigate to the web filter profile and then map the Replacement message group.
Configuration for step 1 is mentioned below.
Edit the second replacement group.
The second stage is set out below.
# config webfilter profile
edit Facebook
set replacemsg-group Facebook\ \ block
next
edit Twitter
set replacemsg-group Twitter\ block
endAs soon as these settings are done, a differrent web page block message will be visible.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.