Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MustphaBassim
New Contributor III

Application control blocking

Hello Dears

 

I am trying to using Application control to block any outside user to reach our network using proxy or vpn application take in mind my configuration is working with SSL inspection not deep one.

 

Bests 

4 REPLIES 4
AEK
Honored Contributor II

Hi

I'm not sure but I think this is not doable with application control. Probably IP reputation may do something here.

Try with the below sub-commands of config firewall policy.

set reputation-minimum ...
set reputation-direction ...
AEK
AEK
MustphaBassim
New Contributor III

Hello Dear 

Thnx for reply

It seems good but it is also blocking traffic from other parties like local ISP and same stuff ? 

Would you recommend to make it working with reputation 3 ? Is that ok ?

AEK
Honored Contributor II

Hi

According to admin guide here are the available levels.

1

Known malicious sites, such as phishing sites or sites related to botnet servers

2

High risk services sites, such as TOR, proxy, and P2P

3

Unverified sites

4

Reputable social media sites, such as Facebook and Twitter

5

Known and verified safe sites, such as Gmail, Amazon, and eBay

 

So I guess #2 is the one you are looking for.

I didn't test this feature, so i recommend you to test it well before put in production so you can see if is what you are looking for.

 

Ref:

https://docs.fortinet.com/document/fortigate/7.4.2/administration-guide/68937/ip-reputation-filterin...

AEK
AEK
AEK
Honored Contributor II

Hi

There is another possible method that you can explore, but never tested it neither. It is by creating a deny policy and use ISDB as source address, and select bad ISDBs like the below:

  • Proxy-Proxy.Server
  • VPN-Anonymizing.VPN.Server
  • Tor... etc

Hope this helps.

AEK
AEK
Labels
Top Kudoed Authors