Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AHoffpauir
New Contributor II

Created on ‎11-26-2024 02:53 PM Edited on ‎11-26-2024 03:28 PM

Fortigate 30G can't add AntiVirus and Web Filter profiles to Firewall Policies

I am having an issue with AntiVirus and Web Filter. I have profiles created but I can't add them in the firewall policies. It has a field to add them but the drop down list doesn't show any of the created profiles.
FortiGate-30G
v7.2.8 build6390 (Mature)

Fortigate 30G Profile in Policies issue.JPG

 

2118
0 Kudos
1 Solution
mzainuddinahm
Staff
Staff

Created on ‎12-18-2024 01:36 AM

Currently, this is being investigated by the engineering team on Fortigate/FortiWiFi 30/31G running FortiOS 7.2.8GA.

 

Workaround:

Until this is fixed, the Webfilter & Antivirus profiles can be enabled using the CLI

 

config firewall policy
edit <policyid>

set utm-status enable

set av-profile <profile_name>

set webfilter-profile <profile_name>

end

MZA

View solution in original post

1415
20 REPLIES 20
DPadula
Staff
Staff

Created on ‎11-26-2024 03:17 PM

Did you create a proxy or flow based profile? 
Change the firewall rule from one mode to another and confirm if the profiles created shown up.

1230
AHoffpauir
New Contributor II
In response to DPadula

Created on ‎11-26-2024 03:22 PM

I don't see an option for proxy or flow. I am trying both the default profiles that came with the firewall as well as profiles I created.

Fortigate 30G Profile in Policies issue 2.JPG

 

Fortigate 30G Profile in Policies issue 3.JPG

 

1222
0 Kudos
AHoffpauir
New Contributor II
In response to DPadula

Created on ‎11-26-2024 03:26 PM

This is what I am seeing when I try to apply a profile to a policy, the list is blank even though I have profiles, I even used the "create" button to make a new one and it doesn't show up once made.

Fortigate 30G Profile in Policies issue 4.JPG

 

1217
0 Kudos
FortiMentor
New Contributor II
In response to AHoffpauir

Created on ‎11-26-2024 11:44 PM

in the Webfilter and Antivirus security profile you must change the >Feature set< to "Flow based". Then you can see and select the profiles in the firewall-policy

1150
AHoffpauir
New Contributor II
In response to FortiMentor

Created on ‎11-26-2024 11:55 PM

There doesn't seem to be a ">Feature set<" option in the profiles, see above screen shot

1135
0 Kudos
FortiMentor
New Contributor II
In response to AHoffpauir

Created on ‎11-27-2024 12:23 AM

Fortinet has removed the proxy mode function from all Fortigate models with 2 GB RAM from firmware 7.4.4.
The Fortigate 50G only has 2 GB RAM and has only recently become available.
Fortinet may have removed the feature quickly and not properly from the firewall model firmware.
It can therefore not be ruled out that the first firmware still has a bug and that this will only be fixed in the next release.

1109
0 Kudos
AHoffpauir
New Contributor II
In response to FortiMentor

Created on ‎11-27-2024 08:15 AM

Removing Antivirus and Web Filters from firewall policies seems like a pretty big Opsie for a NGFW

1051
0 Kudos
sjoshi
Staff
Staff

Created on ‎11-26-2024 11:46 PM

please check from the CLI and make sure if the firewall policy is in flow mode then the AV and webfilter should also be in flow mode.

 

config webfilter profile
edit "new-wf-profile"
set feature-set {flow | proxy}
end

Let us know if this helps.
Salon Raj Joshi
1143
AHoffpauir
New Contributor II
In response to sjoshi

Created on ‎11-26-2024 11:59 PM

There is no "feature-set" set command (see attached screenshot)

Fortigate 30G Profile in Policies issue 5.JPG

 

1126
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.