Technical Tip: How to see the block page from FortiGate when trying to block YouTube (or any other site) using application control

1. Use application control to block YouTube:

2. Enable the option 'Replacement Messages for HTTP-based Applications' on the same application security profile.

3. If application control is used as security UTM (profile) to block YouTube, it is necessary to use deep packet inspection on the policy. If deep packet inspection is not used, it might block it, but it will show that 'This site can't be reached'.

4.  if deep packet inspection is still used and the certificate is not installed on the user end, it will show this:

5. This means it is a certificate issue. At this time it is necessary to make sure to have that deep packet inspection certificate installed on the user end: Technical Tip: How to enable deep inspection and i... - Fortinet Community
6. To see the block page from here, it is necessary to use deep packet inspection on the policy, also make sure the policy is supposed to be in flow mode only and the certificate should be already installed on the user end as per step 4.

Make sure all these steps are correct and if still does not work, contact Fortinet Support:

https://support.fortinet.com/welcome/#/