| Description | This article describes that by default, the FortiGate policy is Flow Based on the inspection and the option to change the inspection mode is not visible in GUI. |
| Scope | FortiGate v7.2 and v7.4. |
| Solution |
It is necessary to change the inspection mode from Flow to Proxy in the policy from CLI. Once the inspection mode is changed to Proxy, the option to toggle the inspection mode will be available in GUI.
To change the inspection mode from CLI: Step 1:
config system global
end
Step 2:
Inspection mode is visible in GUI now:
The gui-proxy-inspection setting under config system settings is enabled on most models except for low-end platforms with 2 GB of RAM or less. When this setting is disabled, then Firewall policy pages do not have the option to select a Flow-based or Proxy-based inspection mode.
Enable GUI Inspection option from the CLI:
Inspection mode is visible in GUI now:
Now changing the inspection mode is available in GUI:
Note: This solution applies only to scenarios where the FortiGate NGFW mode is set to Profile-Based. It is not applicable in Policy-Based mode.
However, starting from FortiGate 7.4.4, Proxy-related features are not supported in FortiGate models with 2GB RAM or less. Refer to the documentation below for more information: 2 GB RAM FortiGate models no longer support FortiOS proxy-related features. |
