Troubleshooting Tip: Web Rating Override is not taking effect after upgrade to v7.2.11/v7.6.1

nathan_h · ‎03-03-2025

Description

This article describes how to fix if the web rating override on a Web Filter profile is broken with the configured action after an upgrade to v7.2.11/v7.6.1

Scope

FortiGate v7.2.11, FortiGate v7.6.1.

Solution

Custom Category:

2025-03-03 08 53 33.png

Web Filter Profile:

2025-03-03 08 50 54.png

2025-03-03 08 55 34.png

Firewall Policy:

2025-03-03 08 52 32.png

When accessing the website (doh.dns.apple.com), the FortiGuard Block Page is encountered. The website category should be 'Allowed_Custom'.

2025-03-03 08 56 12.png

Workaround:

Configure a dummy Custom Category and Web Rating Override/Local Rating. Copy and paste the command below on the CLI.

It will still work after it is deleted. If the FortiGate was rebooted, apply the workaround again.

config webfilter ftgd-local-cat
edit "dummy-cat"
set id 190
next
end

config webfilter ftgd-local-rating
edit "dummy.local"
set rating 190
next
end

config webfilter ftgd-local-rating
delete "dummy.local"
end

config webfilter ftgd-local-cat
delete "dummy-cat"
end

The website is accessible:

2025-03-03 09 01 08.png

The issue will be fixed on v7.6.3.

Troubleshooting Tip: Web Rating Override is not taking effect after upgrade to v7.2.11/v7.6.1

Description

Scope

Solution

You are leaving our website