Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
piaakit
New Contributor

Fortigate 61F URL filter not working

Dear All,

 

              I recently install a Fortigate 61f for our customer, i added a website under URL filter and block it, but i found that i still able to access the site that i blocked, any idea what goes wrong ? any help would be appreicated, Thanks    

 

Keith 

9 REPLIES 9
gfleming
Staff
Staff

It would be really helpful if you showed us your Web Filter profile and the syntax you used for the URL filter. Please provide as many details as possible. There's no way given what you've provided thus far that anyone could tell you what's wrong.

Cheers,
Graham
sw2090
Honored Contributor

 make sure your config fits two things:

 

- traffic matches the correct policy so the urlfilter can be applied.

- your url filter rules are in correct order and way. Those are handled top-down like policies.  So blocking rules should be at the bottom and allow rules should be "exempt" to have the filter stop once it hit an allow rule.

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
jhussain_FTNT

In addition to above, you may need to enable deep inspection on SSL/SSH profile on the Firewall policy for certain URL need to blocked.

piaakit
New Contributor

this is how i put in the url filter, and i have tried only putting hk.yahoo.com as simple option but also no luck, my fortigate version is v7.0.11 build0489, and i used the default web filter profile, so i'm sure that it will hit the policy, any idea ?

fortigate url filter.jpg

knaveenkumar
Staff
Staff
knaveenkumar
Staff
Staff
Johnharper
New Contributor III

If the URL filter on your FortiGate 61F is not working, there are a few things you can check to troubleshoot the issue:

Verify that the URL filter feature is enabled: In the FortiGate web interface, go to Security Profiles > Web Filter and ensure that the URL Filter profile is enabled and assigned to the relevant security policy.

Check the URL filter settings: Ensure that the URL filter settings are configured correctly. For example, check that the category lists and filters are updated and match your requirements.

parteeksharma

Hi Piakit,

To troubleshoot the url filter issue, could you please check if webfilter security profile is applied in the correct policy and the user traffic is hitting to the same policy. To check this you can check Forward traffic logs and webfilter logs.

Regards,
Parteek

kvimaladevi
Staff
Staff

Hi Piakit,

 

If you are using deep inspection in the policy, please make sure to import the deep inspection certificate in the client machine.

 

Regards,

Vimala

Labels
Top Kudoed Authors