Can' t download files

matap123 · ‎03-12-2013

Hi everyone. My boss installed a Fortinet Firewall in the office. It was configured by a so called expert and, since then, no one is to be able to download files. The download starts fine, but after a few seconds, the transfer rate drops to 0. Internet browsing works fine. I have administrative permissions on the firewall, so I tried to tweak it a little. I disabled QoS policies, UTM, logging and everything I could find for the group that I' m into, but still, I can' t download files. I know it' s kind of a long shot, but anyone had any similar experiences? Is the behaviour that I' m noticing controlled by a configuration that I' m overlooking? If anyone could help me, I will appreciate, because I' m about to set that Fortinet on fire

Dave_Hall · ‎03-12-2013

Maybe check the Protocol Options used in the Firewall Policy(ies) to see how the fortigate is suppose to handle over-sized files (for the protocols involved). You may wish to check the Comfort Clients option if you want the Fortigate to give the impression that something is being download while it buffers the download into the fgt' s memory.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

matap123 · ‎03-13-2013

Increasing the Threshold and setting the Comfort Clients improved it. Our files still get cancelled on the middle of a download, so we have to use download managers, but now every 20 mb or so. Previously, our downloads were being cancelled every 1 or 2 mb. I can live with that for now. Thanks a lot Dave

Rick_H · ‎03-14-2013

In addition to turning " Comfort" on also make sure your " Oversized" setting is on Pass rather than Block. If using multiple protocol profiles make sure you have the right one set on your UTM-enabled policy.

Dave_Hall · ‎03-13-2013

Our files still get cancelled on the middle of a download, so we have to use download managers, but now every 20 mb or so.

If downloading >20 mb files is the norm in your company and these sites are reputable, you may want to create fqdn firewall objects for those site, put them into groups, then create a firewall policy giving lesser restricted (or free) access to those sites. (If enabling UTM on this new firewall policy, create a separate Protocol Options policy for that firewall to allow oversized files to pass.) Then move this firewall policy up in the firewall policy list so it is triggered. We have a standard firewall policy like the above that pretty much allows unrestricted/unblocked access to the Microsoft download/update sites. See this thread.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

networkingkool · ‎05-02-2013

In My Fortigate OS ver 5.0 there is only 1 option " block file/email that exceed the threshold limit" My Fortigate has only setting for http protocol. The Https protocol is no longer exist in both web manager and CLI. I want to limit my users to upload file (size < 50 MB) to sharing website using HTTP POST Comfort Action. But some sharing website like mediafire.com maybe use HTTPS to transfer. Can someone give me any ideas? Thanks you very much

=========>

Can' t download files

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website