Hello,
We have a fortigate 80F. There is a Firewall Policy, which has WebFilter enabled for traffic from LAN to Internet.
The problem is that we are trying to access a sftp with IP. I see in the logs that the IP is categorized as Unrated.
I created a new Web Rating override and in the URL I've added the IP we are trying to access (The override is to use a different category to allow the access). Obviously the URL field is for URLs, so the IP is still been treated as unrated. To overcome this issue I have created a new Policy rule so the traffic for this specific IP is not using the WebFilter UTM.
Is there any way (except making the Unrated category allowed) to overcome this issue?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Team,
Could you please try to exempt this ip address under web filter profile >> url filter, you can see the below screenshot for the reference:
You have to keep action as exempt and enable it.
Please keep us posted
Hi Team,
Could you please try to exempt this ip address under web filter profile >> url filter, you can see the below screenshot for the reference:
You have to keep action as exempt and enable it.
Please keep us posted
yeah what seshuganesh says :)
Webfilter is made for FQDN not for ips. I also recommend using the url filter for that with an exempt rule like he described it.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Hi,
Web filter works on HTTP / HTTPS ports.
Can you paste the log as well as the firewall policy you are referring to?
Regards,
Vignesh.
that too, vponmuniraj :)
Also it does not support wildcards while the url filter does.
And as said webflter is made for fqdns not ips.
Alas that is what TAC told me once :)
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Hi all,
@seshuganesh solution is working. We can see now in logs that the traffic is marked as passthrough. Thank you all!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1631 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.