Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bwill
New Contributor

Missing Explicit Proxy Feature Option

Before opening a ticket I was hoping the fortiniet gurus could help out.  I have a 60E with a UTM license running 5.4.3.  When I went to enable explicit proxy from feature select there was no option, it's not listed in any of the options.  From the cli when I look at system settings its not listed as gui-explicit-proxy  enable or disabled.  What am I missing?  Any help is appreciated.

 

Thanks in advance!

1 Solution
hmtay_FTNT
Staff
Staff

Hello bwill,

 

On the Dashboard, is your Mode "Flow-based" or "Proxy-based". You will need to change to "Proxy-based" first before you can enable explicit proxy from the feature select. Can you give this a try?

View solution in original post

6 REPLIES 6
hmtay_FTNT
Staff
Staff

Hello bwill,

 

On the Dashboard, is your Mode "Flow-based" or "Proxy-based". You will need to change to "Proxy-based" first before you can enable explicit proxy from the feature select. Can you give this a try?

bwill

That did it hmtay_FTNT and my ticket with fortigate is in researching state 4 hrs later, with no answer yet .  Go figure, the solution to my problem was at the dashboard and I didnt even see it.

Thanks!

 

hmtay_FTNT

Glad it works for you!

emnoc
Esteemed Contributor III

this  why cli  is so superior

 

http://socpuppet.blogspot.com/2017/08/fortigate-explicit-proxy-with.html

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
bwill
New Contributor

Not sure what you are pointing out in the link emnoc.  Where from the CLI can you see if a firewall is configured for flow based or proxy based.  I primarily use the CLI and did not find any reference in the CLI to change from flow based to proxy based.

emnoc
Esteemed Contributor III

God point, you need to look at the av-profile

 

e.g

 

config firewall service custom edit "WEB_PROXY"  set proxy enable set category "Web Proxy" set protocol ALL set tcp-portrange 0-65535:0-65535 next end

 

 

 

config antivirus profile edit "explict_proxy"  set inspection-mode proxy  next end

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Labels
Top Kudoed Authors