Hi, there
I configured Web Filter override for certain user group. User can now enter username and password to override for 15 min (not user changeable).
However from logging/reporting perspective, is there anyway to see who is overriding the web filter? How long left for the override duration and how to revoke the web filter override for certain user if needed?
Plus, it doesnot seem like Web override can not use the same user account for authentication? For example, USER1 belong to Group1 which is configured for override authentication. USER1 is browsing to www.abc.com which is blocked by filter profile. USER1 can not use her/his account to override, right?
Maybe asking too much but can not find a manual to give me answers...
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
There is a recipe for 5.2 about overriding a web filter, which you can find here.
I used the scenerio in the recipe to look at the logs. The best place to find information about who was using the override was in the Forward Traffic log, where you could see one user (bwayne) being blocked, while the other user (ckent) was able to access a website that would otherwise be blocked. I've attached a screenshot of my results.
In 5.2, once a user authenticates, they automatically use the override if it has been set up for them. This means that they can use their regular account for authentication.
Technical Writer, FortiOS
Let me know if there's anything you want to see added to the FortiGate Cookbook.
I don't believe there is a log dedicated to the overrides.
Technical Writer, FortiOS
Let me know if there's anything you want to see added to the FortiGate Cookbook.
Anyone? No one?
Hello,
What version of FortiOS are you using?
Technical Writer, FortiOS
Let me know if there's anything you want to see added to the FortiGate Cookbook.
Right now the 1500Ds are running version 5.2.3,build670
There is a recipe for 5.2 about overriding a web filter, which you can find here.
I used the scenerio in the recipe to look at the logs. The best place to find information about who was using the override was in the Forward Traffic log, where you could see one user (bwayne) being blocked, while the other user (ckent) was able to access a website that would otherwise be blocked. I've attached a screenshot of my results.
In 5.2, once a user authenticates, they automatically use the override if it has been set up for them. This means that they can use their regular account for authentication.
Technical Writer, FortiOS
Let me know if there's anything you want to see added to the FortiGate Cookbook.
Thanks, I checked the recipe before did my posting.
I guess your point of the log is more of correlating of information to reveal the user override instead of dedicated page for the override information.
I don't believe there is a log dedicated to the overrides.
Technical Writer, FortiOS
Let me know if there's anything you want to see added to the FortiGate Cookbook.
vmartin wrote:Thanks I thought so :) I know Fortigate is not dedicated web filter appliance but it might be nice to have for reporting though.I don't believe there is a log dedicated to the overrides.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.