Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
imuscleupcarat
New Contributor

Created on ‎03-12-2024 07:42 PM

Web Filter Rating - Timed Out Getting Blocked

Good Day Everyone,

 

Just want to ask if there are other approach to solve or somehow adjust web ratings provided by FortiGuard.

 

Client has already "allowed rating options when rating errors occur".

 

But we think of it as a temporary solution.

 

Are there any other alternatives for this?

 

Is this a known issue for 7.4.3(FortiGate FW 3700D)

 

I have attached photos for reference.

FortiGate 

#FortiGuard

 

1.png2.png3.png4.png5.png

Labels:
286
0 Kudos
4 REPLIES 4
dbhavsar
Staff
Staff

Created on ‎03-13-2024 05:11 AM

Hi @imuscleupcarat ,

 

- That must occurred because the web-filter service was either down/unreachable. Can you confirm if this occurred after Daylight Saving Time changed or not. 
- you can make following changes:
config system fortiguard

set fortiguard-anycast disable

set protocol udp

set port 53/8888

end

 

- Or you can restart the urlfilter daemon service by following command:
diagnose test application urlfilter 99

DNB
252
0 Kudos
imuscleupcarat
New Contributor

Created on ‎03-14-2024 10:56 PM

Hi @dbhavsar ,

 

Does executing this commands requires maintenance window?

 

What would be the effects for this on live production?

 

Also as confirmed, no changes on Daylight Saving Time during the issue.


Regards

 

230
0 Kudos
dbhavsar
Staff
Staff
In response to imuscleupcarat

Created on ‎03-15-2024 04:55 AM

Hello @imuscleupcarat,

 

There shouldn't be any issues even if firewall is in production. Check this article there is more details in this:
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-FortiGuard-Web-Filtering-problems/ta...

 

DNB
216
0 Kudos
ezhupa
Staff
Staff

Created on ‎03-15-2024 07:18 AM

Hello, 

The below KB gives an extended explanation and most frequent scenarios regarding FortiGate - Fortiguard connectivity:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGuard-Overview-and-Troubleshooting/ta...

I would suggest taking a look as it goes through multiple scenarios and could be of help also in the future. 

In your case I believe the issue would be resolved by disabling anycast and changing port to 8888 and udp like the previous suggestion. 

config system fortiguard

set fortiguard-anycast disable

set protocol udp

set port 8888

end

Hope it helps!

205
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.