aduneo
New Contributor

Application control doesn't work in Chrome

Hello

I created application control rules to block Twitch on a FortiGate 60E, but these rules don't work in Chrome.

I tested on all other browsers and it works well, except for Chrome. Do you have any idea?

aduneo

I block QUIC directly in the application control profile.

 

firefox_vU2KNcuEMI.png

fricci_FTNT

Thank you for your confirmation. So I guess if you use Chrome and try to sniff packets in Wireshark from your test client filtering for UDP 443 (udp portrange 443), you do not see any packet, right?

QUIC-wireshark-filter.PNG

 
I think this needs to be investigated more deeply, it might be easier to raise a ticket in FortiCare so you can properly upload your config and logs.

Were you able to collect the debug flow logs earlier?

Best regards,

aduneo

Yes, when I start Wireshark I do not see any packets.

I think we will open a ticket in FortiCare for this problem.

 

No, I haven't collected the debug flow logs yet.

But after some tests I see that my application control rule doesn't work on any browser, because when I try on Firefox I get a message:

The page you have requested has been blocked because the URL is banned.

 

When the application control rules didn't work, I created a web filter, and these rules work, but not on all browsers.

 

This is a very old FortiGate configuration, and I think the easiest way would be to do a factory reset and start a new clean configuration.

 

 

smaruvala
Staff

Hi,

 

- Are you using full inspection or only certificate inspection?

- Traffic logs in Chrome show the application identified as HTTPS Browser. Do you see the application as Twitch when the firewall blocks?

- What version of Chrome are you using? It is very odd that the firewall is able to block it when using Brave, which is a Chrome-based browser.

- Was this working before? I just wanted to make sure the issue did not start after the upgrade of the application database.

 

Regards,

Shiva

aduneo

Hello,

We use SSL certificate inspection.

We do not see the application Twitch because the firewall does not block; when I test on Firefox or Brave it's the web filter rules that block this site, not application control.

My version of Chrome is Version 119.0.6045.124 (Build officiel) (64 bits)

I think application control didn't work for Twitch before.

smaruvala

Hello,


- I can see a new Chrome version available. You can try in the latest Chrome version as well.

- Is it possible to change the inspection to deep inspection and test it? If yes, then it's a good test worth trying.

- Another option we have is to check the debugs and captures for the working and non-working scenarios.

 

Regards,

Shiva

aduneo

When you say to change the inspection to deep inspection, do you mean full inspection?

smaruvala

Hi,

Yes, you are correct.

Regards,

Shiva

pminarik
Staff

If the firewall policy is in flow-mode inspection, try switching to proxy-mode:

flow_to_proxy.png

Otherwise I would suggest opening a case with the TAC, this looks like it will need more intensive "digging" to get to the cause.

[ corrections always welcome ]