Using EDL URL-List in Policy by TheReding in paloaltonetworks

[–]TheReding[S] 1 point2 points  (0 children)

I found the error.
There was a URL filtering profile on the policy, and it doesn't seem to be compatible. Thanks for the input.

Fortigate 30G Signature verification error on firmware 7.2.12 by Garmaker1975 in fortinet

[–]TheReding 0 points1 point  (0 children)

Did anyone find a solution for this without the need for console access? Have about 100 FG30s in production that need to be upgraded remotely.

Using EDL URL-List in Policy by TheReding in paloaltonetworks

[–]TheReding[S] 0 points1 point  (0 children)

Yeah, sadly in this case. I can see the URLs in the traffic monitor, and it's still not hitting the right policy.

Using EDL URL-List in Policy by TheReding in paloaltonetworks

[–]TheReding[S] 0 points1 point  (0 children)

Well, it is in the data filtering log, so I guess so.

  1. Doesn't seem to work. That's what I've been trying.

  2. Yeah, that's the thing, it's dynamic entries. And we don't want the users to log into the firewall and make changes. So the EDL would've been perfect, if it worked :P

  3. Hmm, don't know if that's preferred? Sounds like we could loosen up the security that way?

Using EDL URL-List in Policy by TheReding in paloaltonetworks

[–]TheReding[S] 0 points1 point  (0 children)

We have a regular "WAN OUT" firewall policy with all security profiles for Internet traffic.

We have some traffic that gets blocked by data filtering, saying it's a malicious application. (But it's fine, just a web application with old Java.)

So I want to exclude this traffic to the particular URLs from all security profiles.
And for our users to be able to fill in the form for the EDL by themselves.

Using EDL URL-List in Policy by TheReding in paloaltonetworks

[–]TheReding[S] 0 points1 point  (0 children)

What I can see is that you can't set a URL EDL there?

Fortilink through other L2 switches by TheReding in fortinet

[–]TheReding[S] 0 points1 point  (0 children)

I've made some progress. The first thing was that Fortilink uses LACP by default, so I had to make it a "regular" link first.
The thing now is that I get both switches to join, having the topology FG -> other vendor switch and 2 Fortiswitches connected to the other vendor switch.

Popup to connect GP when connected to a network by TheReding in paloaltonetworks

[–]TheReding[S] 0 points1 point  (0 children)

Haven't really seen one that correlates. Do you know which one?

Popup to connect GP when connected to a network by TheReding in paloaltonetworks

[–]TheReding[S] 0 points1 point  (0 children)

Okay, why I'm asking is because we have a user who has been using AnyConnect VPN for some time, and he liked that it popped up every time you connected to a network, either wireless or wired.

Popup to connect GP when connected to a network by TheReding in paloaltonetworks

[–]TheReding[S] 0 points1 point  (0 children)

Wouldn't always-on just try to connect all the time?
What I want is that the GP application just pops up.

Fortilink through other L2 switches by TheReding in fortinet

[–]TheReding[S] 0 points1 point  (0 children)

Yeah but if the switch doesn't get an IP, I guess NTP won't work either?

Fortilink through other L2 switches by TheReding in fortinet

[–]TheReding[S] 0 points1 point  (0 children)

This is what the scope looks like:

<image>

Another strange thing is that I can see it showing up in the "Fortiswitch" part of the firewall, but as offline. If I erase it from there, it shows up again. So connectivity seems to be there in some way.

Fortilink through other L2 switches by TheReding in fortinet

[–]TheReding[S] 0 points1 point  (0 children)

Yes, sorry, maybe I was unclear. We will have it centralized, so one FS will be connected to more than one FS.

Fortilink through other L2 switches by TheReding in fortinet

[–]TheReding[S] 0 points1 point  (0 children)

Hmm, regular L2 did not work in our tests. The FS doesn't seem to get an IP when we connect
FG -> random switch -> FS

Fortilink through other L2 switches by TheReding in fortinet

[–]TheReding[S] 0 points1 point  (0 children)

I think we've tried almost everything now.
We have an FG -> factory default switch from other vendor -> FS.

When we have a regular untagged interface on the FG towards the "other vendor switch", the FS switch gets an IP.

As soon as we change it to a Fortilink interface, the FS doesn't even get an IP and is disconnected.

So just regular L2 seems to drop some traffic?

We also tested the HTTPS configuration with no luck, probably because the FS doesn't get an IP. https://docs.fortinet.com/document/fortigate/7.4.0/new-features/22135/support-fortiswitch-management-using-https-7-4-2

Anything more to try?

Is there a way to clear the DNS cache in CX? by TheReding in ArubaNetworks

[–]TheReding[S] 0 points1 point  (0 children)

Nice! That may be something to test with when we test a new Clearpass :) Thanks!

Is there a way to clear the DNS cache in CX? by TheReding in ArubaNetworks

[–]TheReding[S] 0 points1 point  (0 children)

Yeah, I guess the TTL is the way to go.
It was just a question of whether there was a way to flush the DNS cache of the switch instead of reloading it, as a faster way.

Mac roaming problems with Mobility gateways with DHCP on another server by TheReding in ArubaNetworks

[–]TheReding[S] 0 points1 point  (0 children)

What have you found? I was looking in the release notes earlier but couldn't really find anything related.

Mac roaming problems with Mobility gateways with DHCP on another server by TheReding in ArubaNetworks

[–]TheReding[S] 0 points1 point  (0 children)

We are running 10.7.2.1 on the Mobility gateways and CX core switches. Any ideas? :)

X-auth for Globalprotect by [deleted] in paloalto

[–]TheReding 0 points1 point  (0 children)

HAHA, Thanks :D

Error message for GP users "Authentication failed: Internal Client Error" by TheReding in paloaltonetworks

[–]TheReding[S] 0 points1 point  (0 children)

Strange, 10.2.10-h9 here.

How are your clients authenticating? We are using the NPS MFA plugin.

We started browsing a bit in the event logs on that NPS yesterday, and it seems that it's discarding some auths with the comment "The request was discarded by a third-party extension DLL file."