This article describes how to allow access to one YouTube channel and block all other channels. Assume that only a specific channel is allowed to be browsed, and related videos (inside the channel) shall be allowed too. However, all other videos should be blocked.
config videofilter youtube-key edit 1 set key "***********" next end
Configure the channel override list and set action to monitor or accept by using the following CLI commands:
config videofilter youtube-channel-filter edit 1 set name "blk youtube" config entries edit 1 set action monitor set channel-id "UCJHo4AuVomwMRzgkA5DQEOA" next end next end
Configure the Video profile and set all other categories to block by using the following CLI commands:
config videofilter profile edit "blk youtube" set default-action block set youtube-channel-filter 1 config fortiguard-category config filters edit 1 set action block next edit 2 set action block set category-id 1 next edit 3 set action block set category-id 2 next edit 4 set action block set category-id 3 next edit 5 set action block set category-id 4 next edit 6 set action block set category-id 5 next edit 7 set action block set category-id 6 next edit 8 set action block set category-id 7 next edit 9 set action block set category-id 8 next edit 10 set action block set category-id 9 next edit 11 set action block set category-id 10 next end end next end
Configure a policy with deep inspection as shown below:
config firewall policy edit 2 set type explicit-web set name "Policy_Youtube" set uuid 28287bca-e9f7-51ef-308f-9ceb3c7c7756 set dstintf "port1" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "webproxy" set explicit-web-proxy "web-proxy" set utm-status enable set logtraffic all set log-http-transaction enable set extended-log enable set ssl-ssh-profile "wf-deep-forti-ca" set videofilter-profile "blk youtube" next end
