Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
avalle_FTNT
Staff
Staff

Created on ‎04-14-2017 04:05 PM Edited on ‎03-10-2025 06:37 AM By Moderator

Article Id 193294

Troubleshooting Tip: WebFiltering not working - The service is not enabled

Description

 

This article describes how to troubleshoot an issue where, when troubleshooting web filter issues, the FortiGate is unable to categorize URLs.
 
Scope
 
FortiGate


Solution

 

Verifying ping connection to FortiGuard service is successful:
  • service.fortiguard.net
  • update.fortiguard.net

 

However, executing the following command returns an error message:

 

diagnose debug rating
Locale       : english

The service is not enabled.

FGT#

 

Verify the FortiGuard configuration status:
 
show system fortiguard
.
.
set webfilter-force-off : enable

If 'webfilter-force-off' is enabled, set it to disable:
set webfilter-force-off disable

 

The web filter service remains disabled, despite how the web filtering profile with SSL/SSH inspection is applied to at least one firewall policy.

Ensure that 'FortiGuard Category Based Filter' is enabled under web filter profile.


webfilter-1.png

 

Once the 'FortiGuard Category Based Filter' is enabled, servers will be visible under 'dia deb rating'.

 

dia-rating.png

 

Related article:

Troubleshooting Tip : Resolving FDS Communication Issues (FortiGuard Distribution Servers)

Labels:
2222
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.