Unable to Block HTTPS Facebook and Youtube in Google Chrome

Forum|Forum|6 years ago
December 2, 2019
1 reply
14822 views

Hi,

I'm having an issue blocking [link]https://facebook.com[/link] and [link]https://youtube.com[/link] sites in the latest browser Google chrome and Firefox, I already block the Social Media in Web Filter also in Application control, but when I check the logs & Reports in fortigate the result was Facebook and youtube was Blocked., but the sites are still accessible in client. I also use URL Filter but same issue.

Thank you,

Dave_Hall

New Member

I would check to see if the issue is related to Google's QUIC Protocol (UDP port 80, 443), which both Google Chrome and Firefox will try to use if a website supports this protocol. In FortiView, under destination the fgt may list QUIC if it is being used. KB FD36680 provides 3 possible ways to block this protocol usage.

The other thing about facebook/youtube is (at least in youtube) both sites use wild card *. security certificate. Keep this in mind if the fgt is not using deep packet inspection mode.

quic.jpg

green_appleAuthor

New Member

Dave Hall - BTW thank you, I add the QUIC services in Fortigate then create a 2 new Policy with same IP range, one is I deny the QUIC then the other one is the policy for Internet allowed policy, It's works in Firefox but not in Google Chrome., Still accessible.

I also block the QUIC in Application Control, is their any way that I can block facebook and youtube from accessing that I can add in my FW, thanks thank sir so much appreciated the suggestion and help.

green_appleAuthor

New Member

Here is the logs from the Forward traffic, but the site was still accessible even I block the QUIC in Application control and deny the UDP port 443 and port 80

TIA.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded