Scenario 1:

• Once the filters are pasted into web-filter profile, the following error will appear:

FW01 # config webfilter profile
FW01 (profile) # edit default
FW01 (default) # config ftgd-wf
FW01 (ftgd-wf) # show
config ftgd-wf
unset options
config filters
edit 12
set category 26   <--- already exists
set action block
next
edit 23
set category 91
set action block
next
end
end

FW01 (ftgd-wf) # config filters

FW01 (filters) # edit 16

FW01 (16) # set category 26
Invalid category ID '26': Duplicate or Group 'Fortiguard' not included.
node_check_object fail! for category 26

value parse error before '26'
Command fail. Return code -89

• Category already exists in one of the entries so it will not be possible to paste the migrated config.
• Before pasting the filters, it is necessary to delete [purge] the existing filter entries from all the web-filter profiles using the below command:

FW01 # config webfilter profile
FW01 (profile) # edit default
FW01 (default) # config ftgd-wf
FW01 (ftgd-wf) # config filters
FW01 (filters) # purge all
This operation will clear all table!
Do you want to continue? (y/n)y

FW01 (filters) #

FW01 (filters) # edit 16
new entry '16' added
FW01 (16) # set category 26
FW01 (16) # set action block
FW01 (16) # end
FW01 (ftgd-wf) # end
FW01 (default) # end
FW01 #

• Once the filters are deleted [purged], it will be possible to paste the filters from the converted/migrated config.

Note:

If there are multiple web-filter profiles, it is recommended to delete all the filter entries from all the profiles.

Scenario2:

• If there are multiple VDOMs on the firewall, copying the web-filter profile with a Static URL filter from one VDOM to another would show an error as below as the destination VDOM will not have the defined URL filter list.

Office # config vdom
Office (vdom) # edit root
current vf=root:0
Office (root) # config webfilter profile
Office (profile) # edit "Block-Social"
Office (Block-Social) # config web
Office (web) # set urlfilter-table 1 <---- missing url-filter table 
entry not found in datasource

value parse error before '1'
Command fail. Return code -3

Office (web) # end

• Urlfilter-table is a database that stores the Static URL list which is further referenced in the web filter profile.
• Target VDOM is missing this url-filter table thereby throwing the error for 'entry not found in database'. To resolve this issue, copy the url-filter table from source VDOM before copying the whole web-filter profile:

Office # config vdom
Office (vdom) # edit hefe
current vf=hefe:1
Office (hefe) #
Office # config webfilter urlfilter
Office (urlfilter) # sh
config webfilter urlfilter
edit 1
set name "Auto-webfilter-urlfilter_badmf2r7p"
config entries
edit 1
set url "tiktok.com"
set action block
next
edit 2
set url "tiktokcdn-in.com"
set action block
next
edit 3
set url "tiktokcdn-us.com"
set action block
next
edit 4
set url "tiktokcdn.com"
set action block
next
edit 5
set url "tiktokd.org"
set action block
next
end
next
end

• Once the url-filter list is pasted on the target VDOM now the web-filter profile can be copied and pasted into the target VDOM without any error message.