Screen OS

Hello all,

I have configured Web Filtering rules at SSG 20

I have added some custom categories and it works.

But sometimes there are records in the event log like this one below ( for example 😞

UF-MGR: URL BLOCKED: 192.168.100.3(2269)->74.125.153.147(80) bp0.blogger.com/_umr7psgwaaw/sf9qbd0b-mi/aaaaaaaaeji/baqjgjgm7gm/s400/yurika-m CATEGORY: default REASON: BY_FAIL_MODE PROFILE: Saintpeter

It is so weird because i can't find the default category in my custom Web Filtering category or in the pre defined category.

Has anybody got the same problem like this ?

Regards,

Leo

Reason BY_FAIL_MODE implies that the URL was blocked as a result of URL filtering not able to send to UF server and fail mode was set to block. So basically the UF engine needed to check the URL, but the UF engine could not for whatever reason (could be UF server was not reachable at that time). So with fail-mode block the URL will not be permitted. You can set fail-mode to permit if you would rather allow the URL if there is a problem with the UF engine.

Example:

set url protocol sc-cpa

set fail-mode permit

exit

-Richard

@ rkim

Your idea is works.

Thanks bro

Hi Richard,

I search all around and only found this message you suggested.  I did your sample. but still showing the reason BY_FAIL_MODE, but the profile is different.

Does the fail mode permission goes by profile? If so, how can I change to another profile and set the fail mode permission?

Thanks,

Eric.