Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mike_dp
New Contributor

6.2.5 proxy mode web filtering issues

Hi,

We recently upgraded 6.0.10 to 6.2.5 and since then we are experiencing issues with some websites (ex: cnn.com) in proxy mode. If I switch to flow mode in the policy related to that traffic then it works. I switch all internet related policies to flow mode but that's not the best for the long run.

 

Anyone else having proxy mode issues? What do you do? Downgrade to another version? What about 6.4?

 

Thank you,

Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6

FortiAnalyzer, ForticlientEMS

8 REPLIES 8
Jirka1
Contributor III

Hello,

 

it is a known bug:

588661 Customer had issue accessing the HTTPS website after enabling the proxy web filter.

658654 Cannot access the specific website using proxy-based UTM with certification inspection.

 

I assume it will be fixed in 6.2.6.

 

Jirka

 

 

 

 

 

 

 

dellis75
New Contributor

I recently upgraded from 6.0.9 to 6.2.5 and am having a similar issue. When I enable any of the filters in the policy, a multitude of websites are not accessible. I have not tried switching to flow mode, but agree that is not the answer. 

 

I have thought about downgrading to 6.2.4. Any suggestions would be appreciated. 

SysWOW64

UP!

 

I have the same problem with 02 FortiGate 60E

mhe
Contributor II

6.2.6 is now available. The two bugs are on the fixed list.

mike_dp
New Contributor

I switched some https with web filtering policies to flow mode and once in a while users get a certificate error. I believe this is a known issue too?

Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6

FortiAnalyzer, ForticlientEMS

Phil_Lofthouse

Hi Mike.

 

I had the issue with certain web site access in 6.2.5 using proxy mode.

I switched to flow mode and then had the certificate issues. Refreshing the browser page brought up the site no problem without having to accept an un-trusted certificate.

 

Upgrading to 6.2.6 fixed these problems... but then introduced the IKE process crash issues, so I had to revert.

 

Fortinet have just released 6.2.7, which I have upgraded to in a test environment... and all three issues appear to have been fixed.

 

Regards, Phil.

mike_dp

We are still experiencing flow mode issues in 6.2.7. We can't reproduce the proxy issue so far in 6.2.7 but we still had issues in 6.2.6. The IKE issue is fixed so far in 6.2.7 after 4 days.

Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6

FortiAnalyzer, ForticlientEMS

Phil_Lofthouse

Ah, okay. I've just checked and my test FortiGate is doing deep inspection, rather than certificate inspection. Maybe that's why I've not seen an issue.

I'll change to certificate inspection and test again.

Top Kudoed Authors