Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Quint021
Staff
Staff

Created on ‎05-19-2025 05:16 AM

Article Id 391446

Technical Tip: Unable to create a DLP profile rule with only file-type set in the GUI

Description This article describes the error encountered where a DLP Sensor is a mandatory field when attempting to create a DLP profile rule of only file-type in the GUI.
Scope FortiGate v7.4, v7.6.
Solution

When navigating to Security Profiles -> Data Loss Prevention -> [Profile Tab] -> Create New -> New Rule, the following error can be encountered after attempting to save a file-type only rule:

 

Mandatory_sensor.PNG

 

Workaround.

  1. Create a File Type in the CLI

 

config dlp filepattern
    edit 300
        set name "JPEG Type"
            config entries
                edit "JPEG"
                    set filter-type type
                    set file-type jpeg
                next
            end
    next
end

 

  1. Create a File-Type only profile rule in the CLI.

 

config dlp profile
    edit "Block JPEG"
        config rule
            edit 1
                set proto smtp pop3 imap http-get http-post ftp nntp cifs
                set file-type 300
                set action block
            next
        end
    next

end

 

This issue has a tentative fix in v7.4.8 and v7.6.4.
199
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.