Hot!Some websites blocked, others not - web filtering feature disabled

Author
Enveloc
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/03/27 15:46:48
  • Status: offline
2018/03/28 07:15:47 (permalink)
0

Some websites blocked, others not - web filtering feature disabled

New user of Fortigate hardware here, so we are just trying to set this thing up right now. Have it attached to a standalone workstation with no web access (because we are going to replace our current gateway/router with this one)
 
As I said, the web filtering feature is disabled on the firewall, but certain websites are being blocked while others are not.
For example: Amazon.com cannot be reached and the error makes no sense to me.
 
We will worry about fine level tuning and blocking later. For now, I need to be able to get to ANY website from any PC on our network. Any suggestions?
#1

7 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 1170
    • Scores: 66
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: Some websites blocked, others not - web filtering feature disabled 2018/03/28 09:53:10 (permalink)
    0
    How are you testing web filtering, or no web filtering, with "no web access" you mentioned first?
    #2
    Enveloc
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/03/27 15:46:48
    • Status: offline
    Re: Some websites blocked, others not - web filtering feature disabled 2018/03/28 10:07:44 (permalink)
    0
    I have it configured to replace our current gateway/router, but I can only connect it to the network temporarily (replacing the existing one) for testing since it is NOT the gateway yet. When I plug it in, I go to my workstation and test connectivity. Email works, RDP works and many websites open with no issue. However Amazon and Facebook (for example) do not. I can't tell the exact error I get right now because I can't do the swap during the middle of the day.
     
    Hopefully after 2pm I can try again and I will get the actual error.
    #3
    rwpatterson
    Expert Member
    • Total Posts : 8282
    • Scores: 181
    • Reward points: 0
    • Joined: 2006/08/08 10:08:18
    • Location: Long Island, New York, USA
    • Status: online
    Re: Some websites blocked, others not - web filtering feature disabled 2018/03/28 10:21:51 (permalink)
    0
    Enveloc...For example: Amazon.com cannot be reached and the error makes no sense to me...

     
    For starters, what is the error message?

    -Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com

    -4.3.19-b0694
    FWF60B
    FWF80CM (4)
    FWF81CM (2)
     
    #4
    Enveloc
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/03/27 15:46:48
    • Status: offline
    Re: Some websites blocked, others not - web filtering feature disabled 2018/03/28 11:28:02 (permalink)
    0
    I get one error in Chrome and a different one in MS Edge. I would post screen shots but apparently that is not supported here, you can only post URLs for pictures from the web.
     
    Anyway, Edge says:
     This site is not secure
    This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately.

    [link=about:start]Go to your Start page[/link] Details
    Your PC doesn’t trust this website’s security certificate.
    Error Code: DLG_FLAGS_INVALID_CA
    Because this site uses HTTP Strict Transport Security, you can’t continue to this site at this time.

     
     
    Chrome says:
    An application is stopping Chrome from safely connecting to this site.
    "Fortinet" wasn't installed properly on your computer or the network
     
    Try uninstalling or disabling "fortinet"
    Try connecting to another network
     
    NET::ERR_CERT_AUTHORITY_INVALID
     
    Then, under "advanced," it says:
    "Fortinet" isn't configured correctly. Uninstalling "fortinet" usually fixes the problem.
    Applications that can cause this error include Anti-virus, Firewall and web-filtering or proxy software.
     
     
    I have not installed ANY software along with this firewall and do not have "Fortinet" installed or otherwise present to my knowledge. And this would make no sense if other websites display with no issues.
     
    #5
    Enveloc
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/03/27 15:46:48
    • Status: offline
    Re: Some websites blocked, others not - web filtering feature disabled 2018/03/28 12:00:31 (permalink)
    0
    Forgot to mention this is a 60E.
    #6
    pyy
    Bronze Member
    • Total Posts : 25
    • Scores: 2
    • Reward points: 0
    • Joined: 2015/10/21 10:57:48
    • Status: offline
    Re: Some websites blocked, others not - web filtering feature disabled 2018/03/28 15:14:53 (permalink)
    0
    Hi
    Try to lower your wan interface mtu (1462) especially if you are using PPPoE or xDSL connection
    and disable full ssl inspection if it is enabled.
    Best Regards
    pyy
    post edited by pyy - 2018/03/28 15:17:16
    #7
    Ranga
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/05/19 00:43:26
    • Status: offline
    Re: Some websites blocked, others not - web filtering feature disabled 2018/10/09 22:41:36 (permalink)
    0
    Typically webfilter would not allow traffic through by default if the license had expired on it. You can verify the license using "get webfilter status".Even though ICMP allowed web traffic may not allowed.
    You can try turning off all UTM features so Fortinet will operate without nextGen features. 
    #8
    Jump to:
    © 2018 APG vNext Commercial Version 5.5