Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mmachado
New Contributor

WEB Filter on Non Standard Ports

Hi team,

 

I configured the web-filter feature to block some Urls categories, the problem is that the feature only works on port 80 and 443, and a lot of webpages running on non-standard ports like 8080, 8014, 8015 are not categorized and blocked by the Fortigate.(I have a policy with the services "all" enabled).

 

I found this KB:

http://kb.fortinet.com/kb/documentLink.do?externalID=FD31729

 

You can add the ports to inspect, but since the device don't support a port-range 1-65535, It is not a viable solution, imagine I need to add all this ports one by one.

 

My question is, how can I inspect the protocol http and https, and not only the ports 80 and 443?

Any ideas?

Thanks.

3 REPLIES 3
boneyard
Valued Contributor

have a look at the proxy profile, it determines which ports are associated with a protocol.

Alby23
Contributor II

One choice is to use WebFilter in flow mode and not in proxy mode.

agetic-ufms

It worked like a charm. Thank you - Fortigate 6.4