Troubleshooting Tip: Explicit Proxy GUI has been disabled automatically after rebooting FortiGate unit or upgrading FortiGate firmware version.

caunon · ‎11-25-2024

Description

This article describes how to avoid an issue where the gui-explicit-proxy setting via CLI command or Explicit Proxy via GUI of FortiGate has been disabled automatically after rebooting the FortiGate unit or upgrading the FortiGate firmware version.

Scope

FortiGate v7.4.x.

Solution

This issue may occur when setting gui-explicit-proxy to 'enable' via a CLI command or when enabling Explicit Proxy via the GUI of a FortiGate unit, as shown below.

CLI command:

config system settings

set gui-proxy-inspection enable

set gui-explicit-proxy enable

end

In the GUI of FortiGate: Under FortiGate -> System -> Feature Visibility -> Security Features -> Explicit Proxy -> Tick to enable it -> Apply.

When rebooting a FortiGate unit or upgrading a FortiGate firmware version, the 'gui-explicit-proxy' setting has been disabled automatically, or Explicit Proxy via the GUI of FortiGate has been disabled automatically.

To fix this:

For a workaround for a temporary fix:

Enable gui-explicit-proxy via a CLI command.

config system settings

set gui-explicit-proxy enable

end

Enable Explicit Proxy via the GUI under FortiGate -> System -> Feature Visibility -> Security Features -> Explicit Proxy -> Tick to enable it -> Apply.

For a permanent fix, upgrade the FortiGate firmware version to be 7.4.5 and above.