One of our users always gets the error "URL blocked by Forticlient" and he has to refresh a few times to make it work; please see the detailed error message screenshot. I already added all the websites to the exclusion list under web filter, but it still blocks. When he disconnects from telemetry or works offsite, it loads all the websites without errors. I am working from the same location and I never had any issue.
FortiClient ver. 7.2.2
FortiClient EMS: 7.2.2
Hello @ArifS ,
Are FortiGuard URLs/IPs accessible from your office network?
Can you check firewall logs related to problematic clients? Because FortiClient gives an error about the "FortiGuard rating service is inaccessible".
How do I check if the FortiGuard URLs/IPs are accessible?
What is the IP address of the FortiGuard URLs?
In the EMS server log viewer, I only see AD sync logs, so I set the log level to Debug to see if it captures more logs.
You can review this document about FortiGuard addresses. Also, you need to check your configuration. Do you use Anycast or Legacy for web filtering? You can check this setting in your web filter profile.
https://docs.fortinet.com/document/forticlient/7.2.4/administration-guide/539869
You can check traffic on your FortiGate to see whether clients are trying to connect to these addresses or not.
I checked URL rating, and it was set to legacy, which means it uses the usfgd1.fortigate.com server, outbound port 8888, for Global. We tried accessing usfgd1.fortigate.com on port 8888 and it didn't work, but it responded on port 443. So I changed URL rating to Anycast and then tried accessing those websites and it still blocks. I can't find any useful info in the logs.
Created on 03-18-2024 11:36 PM Edited on 03-18-2024 11:40 PM
Hello @ArifS ,
Can you create a policy on your firewall with internet service (Fortinet-FortiGuard)? After that can you try to access the related website from a client?
Also, can you review the traffic log in the "forward traffic" area?
For example, like that.
After changing URL rating to Anycast, both Unix and Mac users can't get to the internet from the LAN or from the home network when using FortiClient. It blocks everything. Please see the attached screenshot of the Mac user's web filter logs. It says Blocked (Failed to rating). Let me see if I can get our firewall to make changes.
I think the issue was fixed after I set "Allow websites when rating errors occurs" to Allow. This option is under Endpoint Profiles - Web Filter.
This will solve the problem temporarily. If your clients constantly experience this problem, FortiClient will allow all websites. Actually the blocks you make will not work.
Ever since we deployed FortiClient, we see website blocked logs under web filter even though the website works fine. But when we installed FortiClient on Unix, it started blocking websites for that machine only. Allowing websites in case of an error communicating with the FortiGuard rating server fixed the issue.