Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Mes-Lili2
New Contributor III

Created on ‎10-11-2023 09:14 AM Edited on ‎10-11-2023 09:16 AM

Web Filter Issue

I have a basic policy with web filter as below...    when I browse to the site listed as blocked it allows me out on the same policy.  perhaps I have missed something obvious here,... 

 

FSSO4-Error.png

and here is the web filter

 

FSSO3-Error.png

Labels:
1089
0 Kudos
11 REPLIES 11
dbu
Staff
Staff

Created on ‎10-11-2023 09:35 AM

Hi @Mes-Lili2 ,

Have a look at these tips here :

https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-Static-URL-filter-actions-explai...

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
887
0 Kudos
dbu
Staff
Staff

Created on ‎10-11-2023 10:07 AM Edited on ‎10-11-2023 10:10 AM

I just did a fresh config in the lab like this : 

webfilter.PNG

 

polic.PNG

 

ches.PNG

 

 

Make sure you are matching the correct firewall policy!

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
878
Mes-Lili2
New Contributor III
In response to dbu

Created on ‎10-12-2023 09:59 AM

OK thanks for the example,   but what would you do if you just wanted that policy to allow access to only www.cheese.com, would you simply set  to allow.  this is what i have done for microsoft .com only but my test connection to my own website is using the  policy allows the traffic through. and the logs show the policy used.

FSSOA-Error.pngFSSOB-Error.pngFSSOC-Error.pngFSSOD-Error.png

790
0 Kudos
Mes-Lili2
New Contributor III
In response to dbu

Created on ‎11-10-2023 09:30 AM

In your policy above, yes it will block www.cheese.com but it will also allow users to go to every other site...  and if you put a wildcard block below www.cheese it will block all users and prevent them getting to any websites allowed in policies further down...  or am i wrong??

613
0 Kudos
hbac
Staff
Staff

Created on ‎10-11-2023 01:12 PM

Hi @Mes-Lili2,

 

Can you check webfilter logs and make sure the URL is matching the one you configured under static URL filter. 

 

Regards, 

851
0 Kudos
Mes-Lili2
New Contributor III
In response to hbac

Created on ‎10-11-2023 01:29 PM Edited on ‎10-11-2023 01:30 PM

Where are the webfilter logs…”?”?

846
0 Kudos
hbac
Staff
Staff
In response to Mes-Lili2

Created on ‎10-11-2023 01:54 PM

It depends on FortiOS version, you can check Log & Report -> Web Filter. Or Log & Report -> Security Events > Web Filter

837
0 Kudos
dbu
Staff
Staff

Created on ‎10-11-2023 01:52 PM Edited on ‎10-11-2023 01:54 PM

Depending on the version, it either shows directly  Log & Report > Web filter or Log & Report > Security Events > Web filter

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
839
Mes-Lili2
New Contributor III
In response to dbu

Created on ‎10-11-2023 01:58 PM

Log report shows no option for web filter and security events shows “no results” in main window.

833
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.