Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello
It seems like Fortinet has exclude the industrial signatures from the UTM license group, you hava to purchase those signatures apart of the UTM license or you have to purchase the enterprise licecense. That was my local seller response.
anyway, thanks for your responses!
Not familiar with 5.6, so it may be possible that the category is still there, though renamed or recategorized. You could always check via the CLI, just perform something similar to:
config application list edit "default" config entries edit 1 set category ?
At ?, the fgt should output something similar to:
ID Select Category ID 1 IM 2 P2P 3 VoIP 5 Video/Audio 6 Proxy 7 Remote.Access 8 Game 12 General.Interest 15 Network.Service 17 Update 19 Botnet 21 Email 22 Storage.Backup 23 Social.Media 24 File.Sharing 25 Web.Others 26 Industrial 27 Special 28 Collaboration 29 Business 30 Cloud.IT 31 Mobile
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Hi,
if you want to use the industrial services signatures you need to do this:
config ips global
set exclude-signatures none
end
Regards
bommi
NSE 4/5/7
Hi
bommi, i have already tried that solution but it doesnt work. (https://forum.fortinet.com/tm.aspx?m=169179)
Dave hall, i have done what you said and it shows me the list like you put there. I have selected the industrial category but then it doesnt show me in the GUI, and I cant find the industrial signatures (modbus write and read for example).
I have tried to reboot several times but nothing happens, this is how i have the config now:
FGT60EXXXX # config vdom FGT60EXXXX (vdom) # edit root current vf=root:0 FGT60EXXXX (root) # config application list FGT60EXXXX (list) # edit Trafico\ industrial FGT60EXXXX (Trafico industrial) # config entries FGT60EXXXX (entries) # show config entries edit 1 set category 26 set application 25890 25900 44542 next edit 2 set category 2 3 5 6 7 8 12 15 17 21 22 23 25 26 28 29 30 31 next end
Under 5.6 (and under 5.4), it looks like the industrial signatures are excluded by default (see https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-security-profiles/Other_Profile_Cons... ), if the global option exclude-signatures is set to none and the CLI does show category 26 set in one of the app list, but is not showing up in the UI, it may be possible that you are looking at cached content - try refreshing the page and/or try another web browser.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
I have activated the signatures (put it on "none" exlude industrial signatures) and i have selected all categorys in the application list menu and nothing works
Any ideas??
Have you tried clearing the browser cache or using a different web browser and/or accessing the fgt from a different workstation/labtop - all three? The only times I have encounter something like this is using using an unsupported browser version (some of the page elements wouldn't show up) or didn't clear the browser cache following a major firmware upgrade.
Also have you followed the recommended Upgrade path for going from 5.4.x to 5.6.6? It looks like the min. 5.4 version needed to go straight to 5.6.6 is 5.4.10.
jeskudero wrote:I have activated the signatures (put it on "none" exlude industrial signatures) and i have selected all categorys in the application list menu and nothing works
Any ideas??
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Hello
It seems like Fortinet has exclude the industrial signatures from the UTM license group, you hava to purchase those signatures apart of the UTM license or you have to purchase the enterprise licecense. That was my local seller response.
anyway, thanks for your responses!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1645 | |
1070 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.