Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Steven_Lengua
New Contributor

Created on ‎09-12-2014 09:17 AM

Allow Skype Out Through 600C

In Application Control > Application List I have Skype listed. At this point we need Skype to be allowed out. However when I go to edit this Application in the list, the Edit is grayed out. Even the delete is Grayed out. How can I edit so that Skype is allowed out? Probably a silly question, but I' m new to Fortinet. Checkpoint guy here. Thanks in advance.

CAlengua

CAlengua
26673
0 Kudos
8 REPLIES 8
jorge9090
New Contributor

Created on ‎09-12-2014 11:10 AM

Seems like you don' t have permissions on that account. Try login in with the admin account and try again.
5676
0 Kudos
Steven_Lengua
New Contributor
In response to jorge9090

Created on ‎09-12-2014 01:56 PM

Are you able to edit applications in Security Profiles > Application List ? I attached a pic and you can see where the edit and delete are grayed out.

CAlengua

CAlengua
Preview file
68 KB
5675
0 Kudos
Fullmoon
Contributor III
In response to Steven_Lengua

Created on ‎09-12-2014 06:14 PM

Im not sure we are allowed to edit Application Lit, if you want to allowed Skype then you should use Application Sensor. See the attached file for your reference. Once done apply that Application Profile to the desired policy most likely from Internal-->External Interface.

Fortigate Newbie

Fortigate Newbie
Preview file
76 KB
5675
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎09-14-2014 06:53 AM

The Application List is just that, the list of application (detection patterns) that is current from FortiGuard. This is by it' s very nature neither editable nor deleteable (I hope these adjective exist...). You use one or more application signatures in Application Sensors. You can enter one or several applications or even application categories into a sensor, and then specify this sensor to be used in a policy. Example: I suppress peer-to-peer apps by default. So, I create a new App sensor and add the ' P2P' category. Unfortunately, Skype belongs to this category but needs to be allowed often. So, I add another entry ABOVE the P2P category, with just ' Skype' as a single application. ' Skype' is allowed, the ' P2P' category is set to be blocked. Then this sensor is specified in the ' internal' -> ' wan' policy.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
5675
0 Kudos
Steven_Lengua
New Contributor

Created on ‎09-15-2014 12:27 PM

Awesome! Thanks! I think I may have done it in a roundabout way but the results were positive. Below is how I configured it based on what you all told me. It' s working but not sure if this is the most efficient way to allow this.

CAlengua

CAlengua
Preview file
40 KB
5675
0 Kudos
neonbit
Valued Contributor

Created on ‎09-15-2014 06:51 PM

^ That' s how I always configure my FortiGates if customers want to allow Skype and block P2P :)
5676
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎09-16-2014 12:49 AM

Ya, perfectly!
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
5676
0 Kudos
3pointD
New Contributor

Created on ‎10-02-2014 04:43 PM

I used this method as well while back when I came up against it but what if I don' t want to monitor Skype and have it filling up my App Control log with entries? I can' t see any way to do this... Any thoughts?
5676
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.