Blocked because of virus

sarif · ‎04-21-2014

when i open my webmail in external i got this error : Blocked because of virus A virus was detected, originating from your system. Please contact the system administrator. Help Me...

Dipen · ‎04-30-2014

Is your Webmail servers published on Internet via fortigate ? Are UTM filters enabled on the policy? A screenshot of error should be helpful.

Ahead of the Threat. FCNSA v5 / FCNSP v5

Fortigate 1000C / 1000D / 1500D

Sean_Toomey_FTNT · ‎08-03-2014

Hi Sarif, This message means the FortiGate AntiVirus detected a virus coming from your machine. This means at minimum some UTM is enabled, but more importantly your machine is likely infected. There' s a small chance it' s a false positive, but usually that is a big warning sign. Once you have determined your machine is free of virus (use a couple of scanning tools to be sure), try again. If you continue to face this issue, please open a TAC case. Include the following: 1. Backup of system config 2. Diag debug report / exe tac report 3. Packet capture from your machine and/or on the FortiGate when the issue is occuring. I am confident they will get you fixed, and probably with a lot less back and forth questions than I would have since they could see your entire config. Cheers!

-- Sean Toomey, CISSP FCNSP Consulting Security Engineer (CSE) FORTINETâ€” High Performance Network Security

Nihas · ‎08-12-2014

You can check the FG User&Device - Monitor - Banned User to understand why the machine is blocked. If the machine is able to surf the things after 5 minutes, that is for sure something has happened from or to the machine.

Nihas [\b]