Skip to main content
Asim_Raza
Asim_Raza
New Member
March 21, 2018
Question

Blocking facebook Videos & Chat

  • March 21, 2018
  • 1 reply
  • 8154 views

Hi, 

We have Fortigate 60E in our network. I tried to block facebook chat and videos while allowing facebook which didn't work. All the users are accessing facebook through web i-e //https. I have done settings in 'Application Control' where i have added Application Signature for facebook Chat & Videos = Block. But it's not working. What other configuration or settings are required to Block only Facebook Chat and Videos? Need your kind response. Thank You 

    1 reply

    Bubu
    Bubu
    New Member
    March 21, 2018

    Hi Asim,

    Usually, you don't need anything else, just enabling the App Control on the policy. Can you send a screenshot of your Application Control configuration? Otherwise, with version 5.4, there is the CASI (Cloud Access Security Inspection) feature that can be useful to you.

    BR

    Bubu

    Asim_Raza
    Asim_RazaAuthor
    New Member
    March 21, 2018

    Hi BABU,

     

    I have Fortigate 60E, Firmware V5.6.2. I have done the required basic settings in Application Control like FB is allowed and in Application Signature only FB Chat & Videos are BLOCKED. In Web Filtering i didn't change anything. Now you are saying you have to enable CASI, which i can't see in Fortigate Security Profiles. How can i enable it then when it's not available in Fortigate. I have checked that in Feature Visibility too where you can get the required feature you want to enable.  Any idea what can be done ?

    Thank You

     

    Bubu
    Bubu
    New Member
    March 21, 2018

    1. Check which policy is used when you browse facebook.com diagnose debug flow filter saddr "source address" diagnose debug flow filter dport "destination port 443" diagnose debug enable diagnose debug flow trace start 30

    Browse to facebook.com from your source address diagnose debug disable diagnose debug flow trace stop Check which policy is used (policy_id)

    OR

    Policy & Objects > IPv4 Policy > Policy Lookup

    OR

    Check your forward logs

    If it's the right policy, it means you have a problem with App Control. This will save you looking elsewhere.

    Terms & ConditionsAccessibility statement