Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
OV
New Contributor

Unable to Enable Security profiles in Policies | 100D | 5.4.1

Hello Everyone, 

 

I have created security profiles ( webfiltering & app control). However, I am not able to enable it in the policy, I switch the enable button but OK button becomes inactive.

 

I might be missing something but I am new to this device, your priceless assistance will be highly appreciated.

Professional Services Engineer

Professional Services Engineer
2 REPLIES 2
smcguire
New Contributor

Check your inspection mode under Dashboard|System Information|Inspection Mode (5.4.0 GUI) not sure if it's the same for 5.4.1.

 

If your in proxy and the security profile is set for flow-based you won't be able to select it for new IPv4 Policy's.

 

Found that out recently just passing it along.

 

-Stephen

tanr
Valued Contributor II

Do you mean you can't enable the security policy, or you can't set a particular security profile (like web filtering or app control) on a policy?

 

In 5.4.x you can actually set flow-mode security profiles on a security policy, but not from the GUI.  You need to set them in the CLI.  On a 5.4.2 FortiGate set to proxy mode I have multiple security policies with flow-mode profiles.  Note that app control profiles are *always* flow-mode, but web filter profiles can be proxy mode or flow mode.

 

This has been discussed a bit on the forums.  See https://forum.fortinet.com/tm.aspx?m=135666.

There are some limitations and caveats, which the thread above discusses.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors