Kraven2323
Staff
Created on
10-11-2022
12:36 AM
Edited on
11-19-2024
08:01 AM
By
Stephen_G
Article Id
226281
Description | This article describes why errors indicating incompatibility with an NGFW Policy mode appear on FortiGate in NGFW policy-based mode when trying to add certain applications to the firewall policy on version 6.4.10. |
Scope | FortiGate v6.4.10 and above. |
Solution |
When adding some applications to the firewall policy, the following error may occur:
Examples of trying to add large scan-range applications include:
'Gmail_Personal'.
The maximum scan range value setting is located under config ips global.
config ips global set ngfw-max-scan-range 4096 end
This value can be adjusted, but it is set to 4096 bytes by default.
This large scan-range application is removed in the 7.0.x version and later as per the screenshot below:
|