This section contains tips to help you with some common challenges of FortiGate web filtering.
The Web Filter option does not appear in the GUI.
Go to Feature Select and enable Web Filter.
New Web Filter profiles cannot be created.
Go to Feature Select and enable Multiple Security Profiles.
Web Filtering has been configured but is not working.
Make sure that web filtering is enabled in a policy. If it is enabled, check that the policy is the policy being used for the correct traffic. Also check that the policy is getting traffic by going to the policy list and adding the Sessions column to the list.
An active FortiGuard Web Filtering license displays as expired/unreachable.
If this occurs, make sure web filtering is enabled in one of your security policies. The FortiGuard service will sometimes show as expired when it is not being used, to save CPU cycles.
If web filtering is enabled in a policy, go to your FortiGuard settings and expand Web Filtering. Under Port Selection, select Use Alternate Port (8888). Select Apply to save the changes. Check whether the license is shown as active. If it is still inactive/expired, switch back to the default port and check again.
The post Troubleshooting web filtering appeared first on Fortinet Cookbook.