Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rg2017
New Contributor III

Sites being blocked since upgrading to FortiOS 6

Hello,

We've upgraded to FortiOS 6 on 4/27. We are seeing a strange bug where random sites will be blocked. The FortiGate will present a FortiGuard web filter block screen with no category. I found the following message in the web filter logs for each of the blocked sites. I haven't configured any URL filter lists; especially ones that include blocking of our major customers' sites. 

 

 

I did find that refreshing the screen would load the site. I'm assuming this is a bug. I've submitted a ticket to FortiNet and they are "researching" the problem.

 

Has anyone else seen this problem with release 6?

 

Thanks,

Rod

10 REPLIES 10
rg2017
New Contributor III

Here's one I've just seen when attempting to check the status of an open ticket.

 

emnoc
Esteemed Contributor III

cli-cmd diag debug flow  is your friend but the error in the 1st post should make it clear as to why your blocked

 

Ken

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
rg2017
New Contributor III

Thank you, Ken. However, I'm not seeing what you mentioned in the 1st post. It says it was blocked because it's in a URL filter list, which these sites are not.

emnoc
Esteemed Contributor III

cli-cmd diag debug flow, maybe you have a URL filter profile in a policy and the site matches it  { AdminUsers } ???

 

Ken

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
rg2017
New Contributor III

The sites being blocked are random. There is absolutely no URL filter in that policy, nor any other policy. I haven't used that feature. I especially wouldn't create a URL filter that blocks access to our customer portals. The second post also shows that Fortinet's support site was blocked as well. 

 

I'm sorry, I'm new to Fortinet and don't know what do to run diag debug flow. I mean I can run the command, but the sites being blocked are random and at random times. 

rg2017
New Contributor III

emnoc
Esteemed Contributor III

cli-cmd

 

diag debug reset

 

diag debug flow  addr  96.45.36.97

diag debug  show console enable

diag debug enable

 

diag debug flow trace start 10

 

Now point the client at that site and review the output

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
rg2017
New Contributor III

Thank you very much. I'll run the debugs today and see what I find. 

systeembeheer1

Hello,

 

i have the same problem's.

Random error's at URL Filtering. If you press F5 the page load's perfect.

It is very random. It's showing catagories wich are not blocked.

 

I think it's a bug in OS 6.0

 

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors