FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
hlngan
Staff
Staff
Article Id 332244
Description This article discusses Warning page looping when having a FortiGate with Web Filtering and FortiProxy.
Scope FortiGate, FortiProxy.
Solution

Network flow:

Client PC -> FortiProxy -> FortiGate with Web Filtering warning page enabled -> Internet.

Networkdiagram.PNG

When deploying FortiPrxoy and FortiGate with a warning page on web filtering in the same network, it is necessary to be careful about using the warning page on the Web Filtering.

 

In the following example, FortiProxy does not enable Web Filtering. However, FortiGate is using Web Filtering with a warning page.

 

warning.PNG

 

When a user connects to the dedicated URL and tries to get past the warning page by pressing the proceed, the page will be looped.

 

page.PNG

 

Since the FortiProxy and FortiGate use the same override port, it is necessary to change either on FortiProxy/FortiGate.

 

config webfilter fortiguard
    set ovrd-auth-port-https x  <---- Use different ports on FortiProxy and FortiGate.
end

Contributors