General Discussions

FortiEMS with synced profiles

  • 1.  FortiEMS with synced profiles

    Posted Jul 22, 2021 05:20 AM

    Dear Forums,

    i am currently testing and setting up our FortiiEMS within our environment, but i am currently using synchronized profiles from our fortigate. Nothing too difficult. I am currently using it this way due to the missing options of not being able to limit users with quotas on fortiEMS. Fortigate gives you the option to limit users on specific FortiGuard categories.

    There is one setting i am currently trying to allow traffic but can't seem to find it on my fortigate. i have the Unrated category set to allow and block malicious URL's discovered by FortiSanbox disabled.

    What i am trying to avoid is, users getting errors on websites that fall under the category Unknown.

    What i could understand from people getting the same error they corrected it by editing the XML file and allowing the following line(bolted):

    <fortiguard>
    <enabled>1</enabled>
    <rate_ip_addresses>0</rate_ip_addresses>
    <use_https_rating_server>0</use_https_rating_server>
    <use_legacy_fdn>1</use_legacy_fdn>
    <action_when_unavailable>deny</action_when_unavailable>
    <restrict_services_to_regions></restrict_services_to_regions>
    </fortiguard>

    They have switched this to allow.

    My question is, is there a way to set this to allow on the fortigate and not within the XML file?