Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mik785
New Contributor

Difference between allow and exempt in web filter

hello I am a beginner in the use of fortigate systems I have just configured a webfilter with a private policy and a public and I have authorized certain site in the webfiltering in the public policy I have mit certain site to allow and that does not work not and when I was exempted it worked I wondered for my personal knowledge what was the difference between

 

 

ps.sorry for my english

3 REPLIES 3
Toshi_Esumi
SuperUser
SuperUser

I don't remember, or have never learned, exact scope of "exempt" or how much/far it would affect to. But at least know that in the webfilter profile it would go through URL filters first then Category filters, and inside of category filters, go through local categories first and the rest based on the order you see.

Then if you exempt at a point of this chain, it would stop checking the rest and exit the process. Ex. if you exempt an URL in URL filters, it would never go to category filtering checks, while if you allow one URL in URL filters, it would still go through checking category filters.

Dave_Hall

Taken from https://docs.fortinet.com/document/fortigate/6.0.0/handbook/164551/static-url-filter

 

 The difference between the two, is Allow will continue with the UTM processes.  Exempt will tell the fgt to stop processing further utm features.  See the above link for further details on this and the other URL filter actions. 

 

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Toshi_Esumi

Thanks Dave. Now I know the scope.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors