By default, FortiGate is configured to use HTTPS when performing live web filtering with FortiGuard servers.
Which CLI command will cause FortiGate to use an unreliable protocol to communicate with FortiGuard servers for live web filtering?
- set fortiguard-anycast disable
- set webfilter-force-off disable
- set webfilter-cache disable
- set protocol tcp
Answer(s): A
Explanation:
y default, "fortiguard-anycast" is enabled, and this setting only works with "set protocol https". To use udp (ie. "set protocol udp"), "fortiguard-anycast" must be disabled.
Reference:
https://kb.fortinet.com/kb/documentLink .do?externalID=FD48294
"By default, FortiGate is configured to enforce the use of HTTPS port 443 to perform live filtering with FortiGuard or FortiManager. Other ports and protocols are available by disabling the FortiGuard anycast setting on the CLI."
Reveal Solution Next Question