Hi guys,<\/p>\n

Advertisement

Close

I have a problem with a fortigate 100f, when a websited is blocked, it is not showing the webfilter error message, it is only saying connection reset.<\/p>\n

Advertisement

Close

Investigating a little bit, i found out that disabling app control will do the trick.<\/p>\n

Is there any way to have both tools enabled but showing the webfilter message when some site is blocked?<\/p>\n

Thanks a lot!<\/p>","upvoteCount":17,"answerCount":5,"datePublished":"2023-08-08T14:16:53.000Z","author":{"@type":"Person","name":"juanmanuelbrion","url":"https://community.spiceworks.com/u/juanmanuelbrion"},"suggestedAnswer":[{"@type":"Answer","text":"

Hi guys,<\/p>\n

I have a problem with a fortigate 100f, when a websited is blocked, it is not showing the webfilter error message, it is only saying connection reset.<\/p>\n

Investigating a little bit, i found out that disabling app control will do the trick.<\/p>\n

Is there any way to have both tools enabled but showing the webfilter message when some site is blocked?<\/p>\n

Thanks a lot!<\/p>","upvoteCount":17,"datePublished":"2023-08-08T14:16:53.000Z","url":"https://community.spiceworks.com/t/fortiguard-webfilter-block-message/956914/1","author":{"@type":"Person","name":"juanmanuelbrion","url":"https://community.spiceworks.com/u/juanmanuelbrion"}},{"@type":"Answer","text":"

We ran into that problem like 3 years ago and were told a fix was in the works.<\/p>\n

That fix never came, even after outgrowing our old FortiGate and moving to a new one.<\/p>\n

At the time, that was the latest firmware.<\/p>\n

I no longer work there but we always kept the FortiGate up to date while I was, they just never fixed that.<\/p>\n

Good luck.<\/p>","upvoteCount":2,"datePublished":"2023-08-08T14:28:25.000Z","url":"https://community.spiceworks.com/t/fortiguard-webfilter-block-message/956914/2","author":{"@type":"Person","name":"cooperjs1","url":"https://community.spiceworks.com/u/cooperjs1"}},{"@type":"Answer","text":"

I feel like if I recall, Application Control is processed before URL filtering (right before in flow mode and well before in proxy mode), so this makes logical sense on what you are describing. It’s blocking it via app control first thus no need to continue onto URL filtering. You can find which app it’s triggering in your logs, allow that app in your Application Control profile, then let the Web filter handle the website or sites however you need it to.<\/p>","upvoteCount":6,"datePublished":"2023-08-08T15:21:37.000Z","url":"https://community.spiceworks.com/t/fortiguard-webfilter-block-message/956914/3","author":{"@type":"Person","name":"rogergaudet","url":"https://community.spiceworks.com/u/rogergaudet"}},{"@type":"Answer","text":"

Yup, what @rogergaudet<\/a> ​ said - URL filtering won’t happen until later, so your App. Control will scan that stuff first. But that could depend on a lot of stuff, too – mobile vs. local, SSL traffic, yada, yada. It’ll be tough to see “both” since those filtering apps are looking at different traffic.<\/p>","upvoteCount":3,"datePublished":"2023-08-08T16:06:22.000Z","url":"https://community.spiceworks.com/t/fortiguard-webfilter-block-message/956914/4","author":{"@type":"Person","name":"chad-spiceworks","url":"https://community.spiceworks.com/u/chad-spiceworks"}},{"@type":"Answer","text":"

We have Barracuda Firewalls and behaviour is same <\/p>\n

PR_CONNECT_RESET_ERROR<\/p>\n

Well as long it is working and blocking thing needed to be blocked we are fine with it.<\/p>","upvoteCount":0,"datePublished":"2023-08-10T04:40:40.000Z","url":"https://community.spiceworks.com/t/fortiguard-webfilter-block-message/956914/5","author":{"@type":"Person","name":"herktk","url":"https://community.spiceworks.com/u/herktk"}}]}}