this is no criticism to Fortinetsupport, but I am very interested whether you guys @the forum are having the same issues with Forticlient EMS and the webfilter.
I have a open ticket running since June 2022 and did numerous tests, debuglogs, new installs, adapt the installation etc.
- Forticlient EMS at Server 2019
- Sitting in the DMZ
- Reachable via FQDN from the internet
- Reachable from internal LAN via FQDN
- The Forticlient correctly triggers Online-onfabric / Online-off-fabric rules (e.g. I can see that the webfilter is enabled when going off-fabric
- and here comes the problem:
- No matter what I do, the webfilter itself is not working properly
- If I go from onfabric to off-fabric, the webfilter is enabled, BUT
- it is not filtering anything
- Sometimes - if I stay off-fabric with the device (e.g with smartphone-hotspot) the webfilter does its job in blocking XXX sites for example
- As soon as I start switching networks (off-fabric / on-fabric / off-fabric) the webfilter stops blocking (but being still correctly activated). Sometimes it starts to work after about 10 minutes
- I tried it with browser add-ons and without them (Forticlient-addon)
So you absolutly cannot rely on this part of Forticlient, which makes it some kind of insecure!
Does no one of you have this troubles? I cannot believe that I am the only one with this situation. Does you Forticlient-Webfilter work (does it block sites when going from on- to off-fabric?)
Some feedback woud be great!
Thanks a lot!