Hi,
After facing web-filtering issues in NGFW mode in 5.6. I have reverted to profile based mode.
Web-filtering is working as expected but url-category information is missing in the web-filtering logs and even under websites in Fortiview.
To ensure we are not blocking legitimate urls. I am using the default web-filter profile in allow mode to see the categories of urls being accessed by users and then set enforcement policy. However the challenge is the logs are not showing the url-category.
I have attached the screenshots from my system. Hope somebody knows how to solve this or have seen similar issue before. I have tested the connectivity with fortiguard services as per cookbook articles but still no luck with the issue.
Sebastan
I followed your other post and tried to replicate your issue, I was seeing the logs but the categories were unknown and they were reporting a lookup error
Profile NameTSET WebRequest TypedirectDirectionoutgoingErrorunknownMessageA rating error occurs
I even took it further and created a deny policy to block some categories and it didn't work. It seems as if changing to that mode breaks the fgt talking to FortiGuard for url lookups. I havn't tried doing a config export and an import/reboot. Maybe that will jump start it.
Thanks for taking time to replicate the issue. But were you able to enforce url-filtering without application control. I mean in the logs were you able to see the event as webfilter as compared to application control as in my case.
Where were you able to see the error. Can you please let me know the debug you used to see the error. Would be great to know.
Sebastan
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.