Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dan_Eng52
Contributor

Created on ‎07-07-2023 09:58 AM

60F Explicit Proxy - Source Interface

Hi all, 

 

I have FortiGate 60F running version 7.4.0 and have an Explicit Proxy setup. As you can see in the interface CLI output I have the set explicit-web-proxy enabled option configured on the interface however, when I try to create my policy in the Explicit Policy it shows that it isn't enabled on any interfaces. 

 

Policy No Interface Found.pngProxy Enabled Interface.png

 

I haven't come across this issue before, typically enabling this in the GUI causes the interface to be displayed in the policy. Is this because I have an aggregate interface setup and that is causing an issue, has anyone come across this issue before and have any ideas as to what I can do for the interface to appear in the policy? 

 

Thanks, 
Dan. 

 

 

Labels:
1862
0 Kudos
8 REPLIES 8
Anthony_E
Community Manager
Community Manager

Created on ‎07-09-2023 09:06 PM

Hello Dan,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
1817
knagaraju
Staff
Staff

Created on ‎07-09-2023 10:30 PM

Hello Dan_Eng52,

 

May I know if you are unable to configure a proxy policy with aggregate interface ?
May I know if you have enabled explicit proxy under Network>>explicit proxy>>Listen on Interfaces as aggregate ?

Regards
Nagaraju.

1810
Dan_Eng52
Contributor
In response to knagaraju

Created on ‎07-10-2023 12:47 AM Edited on ‎07-10-2023 12:48 AM

Hi Knagaraju, 

 

Thanks for your response. 

 

I can confirm that I have my aggregate interface set in the Listen on Interfaces section within the Explicit proxy settings. I've tried this with another interface also and no matter which one I use it seems that the interface is never displayed in the policy so cannot select the interface. 

 

Listening Interface.png

 

Regards, 

Dan.

1801
0 Kudos
Dan_Eng52
Contributor
In response to knagaraju

Created on ‎07-11-2023 03:49 AM Edited on ‎07-11-2023 03:55 AM

Hi Knagaraju, 

 

Still no joy, tried rebooting the firewall as well as disabling/enabling port and features i.e. explicit proxy feature, explicit proxy on interface level etc. I just don't understand why when I enable explicit proxy on the interface and try to create a proxy policy the interface I have enabled it on doesn't appear it just says none per snippet below despite being enabled on interface and listening on interface in Explicit Proxy settings. 

 

Policy No Interface Found.png

 

Thanks, 
Dan. 

1778
0 Kudos
Debbie_FTNT
Staff
Staff
In response to Dan_Eng52

Created on ‎07-11-2023 06:49 AM

Hey Dan - I did a quick test on a lab FortiGate 7.2.5 I still had left over, created an aggregate interface, enabled explicit proxy, and created an explicit proxy policy. I also see 'None' listed in the source interfaces in the proxy policy, but I could successfully create one. I haven't got around to actually testing traffic yet, but I didn't get any errors anywhere along the way.
I'm inclined to say this is merely a GUI issue (maybe it cannot display aggregate interfaces in proxy-policies?) - it might be worth configuring a policy and testing if traffic is allowed, even if the interface display in policy says 'None'?

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
1771
srajeswaran
Staff
Staff
In response to Dan_Eng52

Created on ‎07-11-2023 07:00 AM

Our engineering team is aware about this issue and the fix is available on upcoming releases 7.2.6 and 7.4.1

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
1765
Dan_Eng52
Contributor
In response to srajeswaran

Created on ‎07-11-2023 07:05 AM

Hi Srajeswaran, 

 

That's great, thank you for you response. 

 

Do you have any idea on timeframe in regards to the upcoming release or are aware of a release I can use to get this up and running? 

 

Regards, 

Dan. 

 

1760
0 Kudos
srajeswaran
Staff
Staff
In response to Dan_Eng52

Created on ‎07-11-2023 10:38 PM

7.4.1 is expected next month. Also, as Debbie mentioned, ideally this should not affect the actual traffic as it is kind of GUI/Display issue.

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
1749
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.