FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes how to exempt government category from deep inspection profile.
Solution There can be a case when the government websites does not work and can throw any error.
Example. 'This Site can’t be reached or any related.'
This can be due to the deep inspection which has been applied in the internet policy and it is necessary to exempt the government category from the deep inspection profile.
Follow the below steps to exempt the Govt category from Deep inspection profile: - Go to Security Profiles -> SSS/SSL Inspection. - Check the deep inspection profile which are applied and edit it - Go to section exempt from SSL Inspection as below:
Select 'OK' to save the changes.
- Now, test the govt. website in private window ie Incognito Mode or else clear the session for the user IP and then test. - Clear the session for user IP:
#diag sys session filter src x.x.x.x <----- x.x.x.x is user PC IP. #diag sys session clear
If there is still concern, it is possible to manually allow the website with URL web filter profile.
For further issue, create a web ticket in support portal to troubleshoot further.