Not Working | Fortigate Web Rating Override

And the override? Overrides only work when the FortiGuard rating is successful . If the rating fails, the override is never even checked. The firewall sees an unrated URL and says, “I don’t know this site, and I can’t check, so… block.”

If your FortiGate is in , creating a Web Rating Override in the root VDOM (or a management VDOM) does not automatically apply it to the traffic-processing VDOMs. fortigate web rating override not working

Not a category block. An error .

Marcus realized the truth. The FortiGuard servers had been unreachable for the past six hours due to a DNS failure on WAN2. When a FortiGate can’t reach FortiGuard, it doesn't just "allow everything" – it falls back to a default action. In his profile, the fallback was set to . And the override

He cleared his browser cache. Nothing. He tried a different PC. Blocked. He even set the override to “Allow” for the entire domain. Still, the FortiGate returned a cheerful yellow block page: Category: Adult / Sex Education. The firewall sees an unrated URL and says,

Creating the override only re-categorizes the site. You must still ensure the Web Filter Profile applied to your firewall policy is configured to allow or block that specific new category.

He ran diagnose debug flow on the firewall. The logs showed the traffic hitting the correct policy. It matched the URL. It applied the webfilter profile. Then, the magic: