| Description | This article explains a scenario where a FortiGate device successfully blocks a website using the web filter, but the blocked page is not displayed in Google Chrome, though it appears correctly in Mozilla Firefox and Microsoft Edge. |
| Scope | FortiGate. |
| Solution |
When using FortiGate's web filter to block websites, the expected blocked page is not displayed in Chrome, even though the filter successfully blocks access. However, the blocked page is correctly shown in Firefox or Edge. Below is a breakdown of the issue:
In Google Chrome: The blocked page does not appear, and the user sees an empty or error page below.
In Firefox: The blocked page displays as expected, showing a 'blocked by FortiGate' message.
Below is the workarounds: To resolve this issue in Google Chrome, follow these steps:
Disable ML-KEM in Chrome:
Open Chrome and navigate to chrome://flags. Search for ML-KEM or look for the setting labeled 'Use ML-KEM in TLS 1.3'. Disable this setting by selecting 'Disabled' from the dropdown. Restart Chrome for the changes to take effect. Verify the Blocked Page:
Tested version. Edge version V131.0.2903.63. FireFox version V132.02. Chrome version V131.0.6778.86. FortiGate firmware versions tested: V7.0.16 and V7.4.5. Issue tested on: https://www.tab.com.au/. Web Filter category blocked: Gambling. SSL Inspection Profile: Default (Certificate Inspection). Policy Inspection Mode: Flow-based. |
