Description | This article describes how FortiGate could block access to the domains that are using Encrypted Client Hello. |
Scope | FortiGate 7.4 and v7.6. |
Solution |
config webfilter urlfilter end next end
The static URL filter then needs to be applied to a web filter profile:
config webfilter profile
For more information about web filtering and static URL filters, see the documentation: Configuring a web filter profile
Note: For more information, refer to the following resources: Oblivious DNS - Cloudflare Blog
config firewall ssl-ssh-profile set quic inspect end |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.