Troubleshooting Tip: Issue with copying filters in web-filter profile from another converted/migrated configuration file

dbhavsar · ‎01-03-2024

Description

This article describes how to copy the filters in web-filter profile from another converted/migrated configuration file.

Scope

FortiGate.

Solution

Once the filters are pasted in web-filter profile, the following error will appear:

FW01 # config webfilter profile
FW01 (profile) # edit default
FW01 (default) # config ftgd-wf
FW01 (ftgd-wf) # show
config ftgd-wf
unset options
config filters
edit 12
set category 26 <--- already exists
set action block
next
edit 23
set category 91
set action block
next
end
end

FW01 (ftgd-wf) # config filters

FW01 (filters) # edit 16

FW01 (16) # set category 26
Invalid category ID '26': Duplicate or Group 'Fortiguard' not included.
node_check_object fail! for category 26

value parse error before '26'
Command fail. Return code -89

Category already exists in one of the entries so it will not be possibleto paste the migrated config.
Before pasting the filters, it is necessary to delete [purge] the existing filter entries from all the web-filter profiles using the below command:

FW01 # config webfilter profile
FW01 (profile) # edit default
FW01 (default) # config ftgd-wf
FW01 (ftgd-wf) # config filters
FW01 (filters) # purge all
This operation will clear all table!
Do you want to continue? (y/n)y

FW01 (filters) #

FW01 (filters) # edit 16
new entry '16' added
FW01 (16) # set category 26
FW01 (16) # set action block
FW01 (16) # end
FW01 (ftgd-wf) # end
FW01 (default) # end
FW01 #

Once the filters are deleted [purged], it will be possible to paste the filters from the converted/migrated config:

Note:

If there are multiple web-filter profiles, it is recommended to delete all the filter entries from all the profiles.