FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Ted
Staff
Staff
Article Id 215438
Description

This article describes when FortiGate fails to connect to FortiGuard,
the WebFilter blocks the requested web page from a client although no administrator had set to block on Web Filter profile.

Scope FortiGate.
Solution

To avoid the rating error, enable the Rating Option 'Allow websites when a rating error occurs', as well as make sure FortiGuard servers respond well.

 

CLI Command:

 

# config webfilter profile

edit "<wf_profile>"

config ftgd-wf

set options error-allow

end

next

end

 

Web Filter Log:

 

1) When reachable to FDN:

- Action: passthrough.

- Message: URL belongs to the allowed category in the policy.

 

2) When failed to connect to FDN:

- Action: blocked.

- Error: All Fortiguard servers failed to respond.

- Message: A rating error occurs.

 

3) When failed to connect to FDN and enable the Allow websites option:

- Action: passthrough.

- Error: All Fortiguard servers failed to respond.

- Message: A rating error occurs.

 

Contributors