Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Created on ‎01-04-2011 05:35 AM

Override and user authentication

Hi We have a Fortigate 600B running v4.0,build0194,100121 (MR1 Patch 3). I am successfully authenticating users onto the web using their AD credentials but I cannot get the Override facility to work. Under the User Group the ' Allow to create Fortiguard Web Filtering overrides' is ticked and the correct Protection Profile enabled. The Protection profile also has the ' Enable FortiGuard Web Filtering Overrides' ticked and the appropriate blocked categories also have the Allow Override ticked. When selecting the override option it just sits there with an “Opening page https://ebay.co.uk:8010/ovrd?....” message and no error message in the logs. Any help much appreciated.
3040
0 Kudos
7 REPLIES 7
cmberry
New Contributor

Created on ‎01-06-2011 04:29 AM

You need to click " Continue to this website (not recommended). " , and then you will be prompted by the firewall to enter credentials. If you get past that page, and the credentials themselves dont seem to work, try doing this which has worked for me and at least one other user I helped here: UTM>Web Filter>Profile>Fortiguard Web Filtering Overrides> change Override Scope to " ASK" . Also, make sure the override group is in the " Selected" box under User Group. Hope this helps, peace.
Preview file
34 KB
2146
0 Kudos
Not applicable
In response to cmberry

Created on ‎01-06-2011 06:36 AM

Hi Thanks for the response. I think part of the problem is that I' m not getting the ' Continue to this website' message. I' m not getting to a point where I can enter any credentials. Regards
2146
0 Kudos
cmberry
New Contributor
In response to

Created on ‎01-06-2011 08:12 AM

This is what I see when I visit a category that is blocked, can you get this far? If you want to have the user enter a password each time they override, then I think you can fix your problem by changing the scope to ASK, as opposed to USER or USERGROUP. But if you cant even see the " override" link, then I am not sure what to say.
Preview file
31 KB
2146
0 Kudos
Not applicable
In response to cmberry

Created on ‎01-07-2011 02:33 AM

Yep I get the override link but then it hangs after selecting the override option with opening page https://ebay.co.uk:8010/ovrd?....” message and no error message in the logs.
2146
0 Kudos
Fullmoon
Contributor III
In response to

Created on ‎01-12-2011 12:47 AM

tony sweet, pls check the name of your web profile see to it there' s no spaces involve then try your luck once again

Fortigate Newbie

Fortigate Newbie
2146
0 Kudos
Not applicable
In response to Fullmoon

Created on ‎01-22-2011 05:19 PM

I am currently researching this issue as well. The issue is the Fortigate is attempting to use the URL of the blocked domain. The certificate that you can assign within the Fortigate does not matter. You can assign a valid certificate and you will still receive the error. You can change the URL to the Fortigate hostname or IP address and the error will continue. To date the only way that I know to resolve the issue is to disable the HTTPS requirement and the error will go away. Not sure how far the request goes through the Fortigate and if there is any security issue with not having HTTPS enabled.
2146
0 Kudos
Not applicable
In response to

Created on ‎01-22-2011 05:28 PM

Forgot to post the CLI commands to disable HTTPS. config webfilter fortiguard set ovrd-auth-https disable end
2146
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.