Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
lucas_robb
New Contributor

Web Filtering Not Enabled

Hi All,

 

working with the fortigate 30D and the web filtering isn't working.  if you look below, this is my response to checking if the web filtering is running

# diagnose debug rating
Locale : english

The service is not enabled.

 

but everything on the gui points to it being turned on.  Can anyone suggest something?  If I can get this up I may look into it running in transparent mode.

 

Thanks All,

Lucas

1 Solution
mnaylor
New Contributor

Hey Lucas.Robb,

I just ran into the same issue setting up a 500D for production.  We're just switching from another vendor and so I'm learning as I go.  I did find something interesting when trying to setup web filtering.  I found that it wasn't classifying websites at all and therefore the web filtering wasn't working at all.  I did some digging and found no KB articles or info on it so I started looking at configs.  I found that there's a setting that was enabled that was forcing web filtering off.  This was a new 500D out of the box so I didn't set this but here's how to find it from the CLI:

 

config system fortiguard   <enter>

show <enter>

 

look for this line:

 

web-filter-force-off enabled

 

This is what is forcing web filtering to not work. Change it using the following:

 

set webfilter-force-off disable <enter>

end <enter>

 

As soon as I did this web filtering started working, and I've been troubleshooting whitelisting websites ever since.  Hope this helps you out man!

 

-Mike

View solution in original post

3 REPLIES 3
mnaylor
New Contributor

Hey Lucas.Robb,

I just ran into the same issue setting up a 500D for production.  We're just switching from another vendor and so I'm learning as I go.  I did find something interesting when trying to setup web filtering.  I found that it wasn't classifying websites at all and therefore the web filtering wasn't working at all.  I did some digging and found no KB articles or info on it so I started looking at configs.  I found that there's a setting that was enabled that was forcing web filtering off.  This was a new 500D out of the box so I didn't set this but here's how to find it from the CLI:

 

config system fortiguard   <enter>

show <enter>

 

look for this line:

 

web-filter-force-off enabled

 

This is what is forcing web filtering to not work. Change it using the following:

 

set webfilter-force-off disable <enter>

end <enter>

 

As soon as I did this web filtering started working, and I've been troubleshooting whitelisting websites ever since.  Hope this helps you out man!

 

-Mike

Ajit
New Contributor

ESDS (Microsoft Dynamics ERP Partner)
lucas_robb
New Contributor

Hello All,

 

there were 2 areas that I missed in my configuration.  Since the lan-wan firewall rules were already in place I did not investigate the policies of each firewall rule and missed the "on" button for the web filtering.  the next thing is to configure the filtering itself.  once both of those are set it will work without issue.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors