FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 215034


This article describes in FortiOS 6.4.x, both Telegram Desktop App and Web Version cannot be blocked by DENYING its ISDB in the firewall policy.

This problem is seen occurring only in FortiOS 6.4.x and not in FortiOS 7.x.x.

FortiOS 6.4.x does not seem to have the correct ISDB for Telegram despite manually installing the latest ISDB.




Block Telegram Web and App version on FortiOS 6.4.x.




Link to check for updated IP Range:

Telegram IP range:

1) Create these IP ranges as an Address object. Policy & Objects -> Addresses -> Create New. Concatenate all created addresses into an Address Group.

2) Use it as Destination in the firewall DENY policy.

3) To block Telegram web effectively, use wildcard expression *telegram* in both Web Filter and DNS Filter. Ensure these are then set to Block.

To add Telegram as the wildcard expression stated, need to enable 'Static URL Filter' in the Web Filter settings and 'Static Domain Filter' in the DNS Filter settings.