Umer221
Staff
Article Id 277060
Description This article describes an issue where the web filter does not block YouTube on FortiGate due to a misconfiguration. It highlights the importance of understanding FortiGate configuration and the effect of the QUIC protocol on web filtering.
Scope FortiGate, FortiOS, Web Filter, QUIC protocol
Solution

Problems can arise from the details of FortiGate's web filter settings and the behavior of YouTube traffic:

  1. FortiGate might not block YouTube if the web browser uses the QUIC protocol to access YouTube.
  2. QUIC relies on UDP ports 80 and 443, and traffic on these ports can bypass traditional web filtering methods.

To address this issue, follow these steps:

Step 1: Examine the FortiGate logs

  • Access the FortiGate logs dashboard. View detailed steps on how to view logs here.
  • Filter the logs for YouTube traffic and check for mentions of the QUIC protocol.
  • Look for any patterns or inconsistencies that suggest the QUIC protocol is bypassing the web filter.

Step 2: Create a deny policy for UDP ports

  • Go to the 'Policy & Objects' section in FortiGate.
  • Select 'IPv4 Policy' and then 'Create New'.
  • Set up the policy to deny traffic on UDP ports 80 and 443. Ensure the source and destination match the network configuration. Here's a detailed guide on how to create a policy.

Step 3: Implement and Verify

  • Save and enable the newly configured policy.
  • Clear the browser cache or restart the browser entirely.
  • Try to access YouTube and confirm that the web filter now blocks it.
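
The log check in Step 1 and the verification in Step 3 can be scripted against exported traffic logs. The following Python script is an added example, not part of the original article or Fortinet tooling. It assumes logs exported as text in the FortiOS key=value style with the fields `type`, `srcip`, `dstport`, `proto`, `action` and `policyid`; the sample lines and policy IDs are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in FortiOS key=value traffic-log style (not real logs).
SAMPLE_LOG = '''\
date=2024-01-10 time=09:15:02 type="traffic" subtype="forward" srcip=10.0.0.21 dstip=203.0.113.10 dstport=443 proto=17 action="accept" policyid=5 service="udp/443"
date=2024-01-10 time=09:15:04 type="traffic" subtype="forward" srcip=10.0.0.21 dstip=203.0.113.10 dstport=443 proto=6 action="close" policyid=5 service="HTTPS"
date=2024-01-10 time=09:15:09 type="traffic" subtype="forward" srcip=10.0.0.34 dstip=203.0.113.11 dstport=80 proto=17 action="timeout" policyid=5 service="udp/80"
date=2024-01-10 time=09:20:41 type="traffic" subtype="forward" srcip=10.0.0.21 dstip=203.0.113.10 dstport=443 proto=17 action="deny" policyid=12 service="udp/443"
date=2024-01-10 time=09:21:00 type="traffic" subtype="forward" srcip=10.0.0.34 dstip=198.51.100.7 dstport=53 proto=17 action="accept" policyid=5 service="DNS"
'''

FIELD_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')
QUIC_PORTS = {"80", "443"}   # UDP ports named in the article
UDP = "17"                   # IP protocol number for UDP

def parse_line(line):
    """Turn one key=value log line into a dict, stripping surrounding quotes."""
    return {k: (q if raw.startswith('"') else raw) for k, raw, q in FIELD_RE.findall(line)}

def quic_sessions(log_text):
    """Yield parsed traffic records that are UDP to port 80 or 443."""
    for line in log_text.splitlines():
        rec = parse_line(line)
        if (rec.get("type") == "traffic" and rec.get("proto") == UDP
                and rec.get("dstport") in QUIC_PORTS):
            yield rec

def summarize(log_text):
    """Count UDP 80/443 sessions per (policyid, outcome).
    Assumption: any action other than 'deny' means the session passed the firewall."""
    counts = Counter()
    for rec in quic_sessions(log_text):
        outcome = "blocked" if rec.get("action") == "deny" else "allowed"
        counts[(rec.get("policyid"), outcome)] += 1
    return counts

def bypassing_sources(log_text):
    """Sorted source IPs whose UDP 80/443 traffic was not denied."""
    return sorted({r["srcip"] for r in quic_sessions(log_text)
                   if r.get("action") != "deny" and "srcip" in r})

if __name__ == "__main__":
    for (policy, outcome), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"policy {policy}: {n} UDP 80/443 session(s) {outcome}")
    print("sources with allowed UDP 80/443:", bypassing_sources(SAMPLE_LOG))
```

Before the deny policy is in place, allowed UDP 80/443 sessions appear under the permitting policy; after Step 3, new sessions on those ports should appear only as blocked under the deny policy.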