Dear Forums,
i am currently testing and setting up our FortiiEMS within our environment, but i am currently using synchronized profiles from our fortigate. Nothing too difficult. I am currently using it this way due to the missing options of not being able to limit users with quotas on fortiEMS. Fortigate gives you the option to limit users on specific FortiGuard categories.
There is one setting i am currently trying to allow traffic but can't seem to find it on my fortigate. i have the Unrated category set to allow and block malicious URL's discovered by FortiSanbox disabled.
What i am trying to avoid is, users getting errors on websites that fall under the category Unknown.
What i could understand from people getting the same error they corrected it by editing the XML file and allowing the following line(bolted):
<fortiguard> <enabled>1</enabled> <rate_ip_addresses>0</rate_ip_addresses> <use_https_rating_server>0</use_https_rating_server> <use_legacy_fdn>1</use_legacy_fdn> <action_when_unavailable>deny</action_when_unavailable> <restrict_services_to_regions></restrict_services_to_regions> </fortiguard>
They have switched this to allow.
My question is, is there a way to set this to allow on the fortigate and not within the XML file?
I think you can use "Allow websites when a rating error occurs" option on Fortigate web filter profiles.
Because as you said in the XML setting points to this setting. Could you try this option?
User | Count |
---|---|
1883 | |
1141 | |
769 | |
447 | |
277 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.