Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
xiaoj
Staff
Staff

Created on ‎03-03-2024 09:23 PM Edited on ‎02-27-2025 08:58 PM By Community Manager

Article Id 302444

Troubleshooting Tip: Some applications got denied by Application Control with 'HTTP.Browser - Deny'

Description This article describes that some applications got denied by Application Control with 'HTTP.Browser - Deny: UTM Blocked'
Scope FortiGate.
Solution

The application failed to connect to the registration server:

 

Picture1.png

 

The security events of Application Control are shown below:

 

Picture2.png

 

The log details show that non-default port 2290 (TCP) is used by the application.

 

Picture3.png

'

'Block applications detected on non-default ports' is supposed to be enabled to allow the HTTP connection with a non-default port.

Go under Security Profiles -> Application Control -> [Application Control Profile] -> Options and disable 'Block applications detected on non-default ports'.

 

Picture4.png

 

To disable it in the CLI: 

 

config application list

    edit <Profile_Name>

        set enforce-default-app-port disable 

    end 

 

The application connects to the registration server successfully.

 

Picture5.png

 

The security events of Application Control are shown below:

 

Picture6.png

 

Related article

Technical Tip: Port enforcement check - Fortinet Community

8525
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.