Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

URL Filtering _ Custom URL _ Basic Doubts.

Hi Friends,

Can you please help me to  understand how the custom URL works in fortigate?

I have a scenario like below , please help.


1.  --- Allow   ( IP

2. -- Allow 

( Only these 2 above sites needs to be allowed from the highly protected network)

Rest all including ,

3.          ( IP



6.  "*" should be blocked at our end. But the challenge here is both allow and deny URL's having same IP. In such scenario how does a brilliant Fortigate take a decision? 



1. Basically how does a fortigate determines a http & https traffic belongs to a particular category / URL filter?

1.a  - Which field of packets does it inspect to get the details ( CN / SNI / ?? )


2. How can I create a URL filtering profile for the above scenario? Will the below work?

    -- simple - allow

   --- simple --allow

             *.*  -- wildcard -- Block


Thank You in advance.. :)



Nihas [\b]
Nihas [\b]
New Contributor



1. Does Fortigate send the request to Fortigurad service for each http & https request?

2. Which part of packet does it consider for the inspection ? CN or http header or SNI or IP ?

3. How does it take a decision if both allow & deny URL's are configured in a same IP?


Nihas [\b]
Nihas [\b]

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors