Fortinet Community

ORIGINAL: pcraponi Move to the last MR3 version (patch14) and try again

um....no? unless its a known bug for the version I am on that doesnt make sense. if its a known issue I' m happy to move to a newer patch though

ORIGINAL: Dave Hall I assume you have enabled NAT on that fw policy? If FortiGuard Categories is enabled in the web filter profile If so I assume your fgt has a valid FortiGuard subscription? Can you confirm the correct URL filter list is assigned to the web filter profile? How did you craft the actual URL entry (as a wildcard or regex)? Do you have an app sensor enabled on that fw policy? If so check to see the site is not being blocked by it.

I' ll double check that I remember to check the box for NAT fortiguard is up to date, I checked the URL filter numerous times, its set as a simple block to the website with the domain name and then .com no app sensor enabled

ORIGINAL: dmmillr1

ORIGINAL: pcraponi Move to the last MR3 version (patch14) and try again

um....no? unless its a known bug for the version I am on that doesnt make sense. if its a known issue I' m happy to move to a newer patch though

The onus is on you to determine if a newer patch has resolved your issue. We' re not going to do your homework. (at least I' m not!)

ORIGINAL: dmmillr1 I' ll double check that I remember to check the box for NAT fortiguard is up to date, I checked the URL filter numerous times, its set as a simple block to the website with the domain name and then .com no app sensor enabled

Instead of describing the problem, actual script code and/or a screenshot would be better. (You also did not indicate if the correct URL filter list is tied to the web filter profile assigned to the test computer.) Off the top of my head I would say check the submask on the fw object for your test computer -- it should be /32. If you have utm logging enabled it should indicate why the test computer was blocked. Again, script code and/or screenshot would help (san any identifying outside IP addresses).

ORIGINAL: rwpatterson The onus is on you to determine if a newer patch has resolved your issue. We' re not going to do your homework. (at least I' m not!)

sorry wasn' t inferring you needed to. I haven' t had time to get into the release notes, as this is for a part time consulting gig(previous FT employer) and I need to get the main support password I just don' t think that blindly code upgrading or rebooting a box to try and fix a problem is the first thing to try :)

ORIGINAL: Dave Hall Instead of describing the problem, actual script code and/or a screenshot would be better. (You also did not indicate if the correct URL filter list is tied to the web filter profile assigned to the test computer.) Off the top of my head I would say check the submask on the fw object for your test computer -- it should be /32. If you have utm logging enabled it should indicate why the test computer was blocked. Again, script code and/or screenshot would help (san any identifying outside IP addresses).

Ill get a screen up for ya, I did check and the correct URL filter is applied, but I can get screens of all of it I will post the logs as well, not digging into them was a silly mistake, but in my defense aka excuse....my 5 month old stopped sleeping at night this week and I' m getting pretty tired :p