FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 193550

This article describes how to exempt government categories from deep inspection profiles.



There can be a case when the government websites do not work and can throw any error.

'This Site can’t be reached or any related.'

This can be due to the deep inspection which has been applied in the internet policy and it is necessary to exempt the government category from the deep inspection profile.

Follow the below steps to exempt the Govt category from the Deep inspection profile:
- Go to Security Profiles -> SSS/SSL Inspection.
- Check the deep inspection profile which is applied and edit it.
- Go to the section exempt from SSL Inspection as below:

- Select 'OK' to save the changes.

- Now, test the govt. website in private window ie Incognito Mode or else clear the session for the user IP and then test.
- Clear the session for user IP:
# diag sys session filter src x.x.x.x <----- x.x.x.x is user PC IP.
# diag sys session clear
If there is still a concern, it is possible to manually allow the website with a URL web filter profile.
For further issues, create a web ticket in the support portal to troubleshoot further.