Help
FortiSASE
FortiSASE delivers both a consistent security posture and an optimal user experience for users working from anywhere. Secure your hybrid workforce by closing security gaps, plus simplify operations.
btey
Staff
Staff

Created on ‎11-01-2024 05:46 AM

Article Id 351761

Troubleshooting Tip: Traffic denied because of explicit proxy policy

Description This article describes how to resolve an issue where users cannot access certain websites and their traffic is denied because of an explicit proxy policy, even when a deep inspection SSL profile has been enabled on one of the explicit proxy policies.
Scope SWG SSO.
Solution

Some websites are denied with a 'Traffic denied because of explicit proxy policy' message because the traffic has triggered the 'Implicit Deny' policy. 

Deep inspection has enabled on the SWG policy.

 

Check the SSL inspection profile:

 

Go to Configuration -> Security -> SSL profile -> Configure SSL -> Check the Exemptions list.

 

Screenshot 2024-10-23 152358.png

Example of Finance and Banking category: alipay.com.

 

Blocked page on client browser:

 

alipay.png

 

 From the FortiSASE portal, the traffic log will show as follows:

 

blockeventonswg.png

 

To fix the issue, remove the URL category from the SSL exemption list:

 

after remove.png

 
260
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.