- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Web Filtering- Slow page loading.
We are currently experiencing an issue with slow page loading when web filtering is enabled at the policy level. When web filtering is disabled, the page loading speed is normal. The issue occurs on all websites especially first time browsing any websites, with load times ranging from 5 to 20 seconds.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Could you please let know the firmware version used? And also the output of #diag debug rating
Best regards,
Jin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Firewall version v7.2.7 build1577
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you check your DNS server config? (System / DNS)
Make sure you are using a server with low latency. Note also that DOH / DOT server may be slower.
If this doesn't solve it, check the latency to webfiltering server (diag debug rating) Check more here:
Troubleshooting Tip: Unable to connect to FortiGuard servers
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don,t think DNS. Because when disable the webfilter, The connection speed is normal.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Di de rating.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RTT 11 - high(er) latency than normal (usually 0/1)
You can use this article to disable anycast:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGuard-is-not-reachable-via-Anycast-de...
Also, community articles are your friend. You can solve most FG problems just by searching around
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @AlexC-FTNT ,
In this case, can try to disable anycast with below config?
"
config system fortiguard
set fortiguard-anycast disable
set protocol https
set port 8888
set sdns-server-ip 173.243.129.16
end
"
the config from the link has given. Just need to know, what the best sdns-server ip server need to configure?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SDNS has no connection to the anycast, or your issue. You yourself mentioned this is not a DNS issue. Why would secure DNS have anything to do with this? Do you have DNS filtering in policies? if not, skip that SDNS part :)
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Hakam,
Please refer below article as it seems much more similar to issue you have described:
Cheers,
Ankit
If you have found a solution, please like and accept it to make it easily accessible to others.