We have set up application control and web control to block tik tok on 30E ( 6.2.10 firmware).
After setup all looked ok ( around half a year ago) . Now it is not working properly. When you try to access tik tok from Imac safari , it blocks it , but on the phone and ipad App and safari open tik tok.
We made sure that 4G is off on devices and only WiFi is on.
Now have tested problem in my office ( thou here we have Fortigate 40F, 7.0.5 firmware) , but if all is set up earlier, there is no problem. But if you turn off the application control and turn it on if you have safari on ( even without tik tok on) tik tok works . Even thou application control logs show tik tok was blocked. . Same problem with application. Similar issue is with coming off the 4G and getting only to wifi , if you had app on it keeps working.
Tried to block IP’s but tik tok uses local ranges , and if you block most popular IP’s it uses , it switches to different ones.
I tried DNS filtering but that did not work at all.
Hi there. It sounds like you're having some difficulty with blocking Tik Tok on your Fortigate 30E. It's definitely a tricky issue, but I'm sure we can figure out a solution. Have you tried using content filtering to block Tik Tok? That might be a good starting point. Maybe guys from Tikdroid (https://tikdroid.com/buy-tiktok-followers) might know the answer. Let us know if you have any other ideas or questions, and I'm sure we can work together to help you find a solution. I hope you figure it out at soon as possible!
It's wild how TikTok can just wiggle its way through the IP blocks, huh? Those local ranges must be its secret teleportation spots! And kudos for giving DNS filtering a shot, even if it didn't work out. At least you're exploring all the avenues!
I'm no magician, but I really hope you find a way to tame TikTok's mischievous ways. Maybe someone out there has the ultimate trick up their sleeve. Keep your spirits high and your tech tools ready! And hey, if you ever take a breather from tech troubles, feel free to dive into the world of the cheapest SMM panel.
I totally get your frustration – I've been through a similar situation myself, trying to block specific apps for security and productivity reasons at our workplace. Blocking TikTok can indeed be a challenge due to the dynamic IPs and the myriad ways it's designed to connect.
A couple of thoughts:
Application Control: The fact that the application control logs show TikTok being blocked but it still functions may indicate that only a specific component of the app or website is being flagged and not the entire ecosystem. It might be beneficial to ensure you're up-to-date with the latest application signatures from Fortinet.
Device Specific: The inconsistent results between the iMac and the mobile devices could be due to how different devices handle cached data or even due to different application versions being installed on different devices.
SSL Inspection: A lot of times, applications like TikTok use encrypted traffic. Without deep SSL inspection, the FortiGate might not be able to decipher the traffic correctly and block it. This might lead to only partial blocks or bypasses. Please be aware though, implementing SSL inspection can sometimes be complex and requires consideration for user privacy.
Persistent Connection: Mobile apps often maintain a persistent connection. This might explain why it continues to work if you switch from 4G to WiFi after the app is already opened. The actual blocking mechanism might be failing to sever already established connections.
Alternative Methods: If direct IP blocking and DNS filtering didn't work, you might consider setting up a custom block page for known TikTok URLs or use FortiGate's advanced web filtering settings. Another option, although might be a bit extreme, is to block based on User-Agent strings that pertain to the TikTok app (but this might also block other unrelated traffic).
Seek Expert Advice: Sometimes, these configurations can get tricky. Consider reaching out to a Fortinet expert or consultant who might have a deeper understanding of the nuances of the 30E and 40F appliances.
Lastly, I'm not sure if you've done this, but always ensure that the firmware is updated on your devices. Sometimes, updates resolve certain compatibility or functional issues.
Hope this helps! If you've got any other experiences or tricks up your sleeve, please share. Always looking to learn more!
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.