Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
adubinina
Staff
Staff

Created on ‎05-22-2017 02:14 AM Edited on ‎01-09-2026 12:54 AM By Community Manager

Article Id 191832

Technical Tip: How to block Google Mail by Web Filter

Description

 
This article describes how to block Google Mail by using a URL filter.
 
Scope
 
FortiGate.


Solution

 
  1. Configure the URL filter to block the following domains:

    • *gmail* - wildcard - block.
    • mail.google.* - wildcard – block.
    • accounts.google.com - Simple - block.

  2. Apply the web filter and SSL Deep Inspection in the policy.

  3. Import the CA certificate into the browser in order to avoid certificate errors.
    This configuration blocks Gmail when accessing it directly, as well as via Google Search.

     

Note:

This additional step is mandatory: block QUIC protocol using application control or UDP 443; this way, the connection will be over TCP/UDP.

 

As of FortiOS v7.2.0, the option to allow or block QUIC has been removed. Refer to this article: Remove option to block QUIC by default in application control 7.2.4 for more information. To allow/block QUIC, use the Application and Filter Overrides -> Create New -> Search QUIC and add a 'block' action.

 

Refer to this article: Technical Tip: How to block/disable QUIC.


The following references may also be of interest:

14367
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.