Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Sisma
New Contributor

Created on ‎08-22-2024 01:16 AM

Whitelisting one site

Hi, I need to access a website, but even though I have listed it as "Exempt" in the web filter profile, the stations still time out. How can I fix this? I have an outbound policy that allows all traffic with specific countries permitted. The website I need to reach is "scopus.com." How can I ensure access without creating a dedicated policy?


Kind Regards,
Sisma

Labels:
575
0 Kudos
1 Solution
ozkanaltas
Valued Contributor III

Created on ‎08-22-2024 01:23 AM

Hi @Sisma ,

 

Firstly, we need to determine whether this website is blocked by a web filter or geo policy. 

If this website is blocked by a web filter, you can override the website category on the web filter profile.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-web-rating-override-for-s...

 

If this website is blocked by a geo rule, you should create a special rule for this website. There is no other option for a solution.

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW

View solution in original post

If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
569
2 REPLIES 2
ozkanaltas
Valued Contributor III

Created on ‎08-22-2024 01:23 AM

Hi @Sisma ,

 

Firstly, we need to determine whether this website is blocked by a web filter or geo policy. 

If this website is blocked by a web filter, you can override the website category on the web filter profile.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-web-rating-override-for-s...

 

If this website is blocked by a geo rule, you should create a special rule for this website. There is no other option for a solution.

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
570
ezhupa
Staff
Staff

Created on ‎08-22-2024 02:52 AM

Hello, 

 

Please check first if the traffic is indeed matching the policy where you have applied the WebFilter profile with the static URL. 
In theory if the traffic is matching that policy where you have that URL exempted, it should work without any issues. Please note that the webfilter will check the CN value of the certificate of the website, if for some reason in the CN value there is some other domain name or IP, exempting scopus.com won't work.

You can check the Forward Traffic logs on the FGT and see if maybe another policy is matching or another security profile is blocking it.

Hope this helps!
Enea

531
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.