Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
micycle
New Contributor

Created on ‎01-14-2021 12:23 AM

Correct way to block a domain

 I've been trying to figure what is right way (that also works best) to fully block access to a domain.

From my understanding there are 3 options:

* Block address of type FQDN

* Web filter

* DNS filter

 

Thing is I had issues with each one:

FQDN - (From this thread I understand that FQDN wouldn't be useful when blocking a domain that is connected to numerous IPs https://forum.fortinet.com/tm.aspx?m=188725&tree=true).

Web filter - web filter does block the domain when accessed through a browser. But won't block a ping request, which makes me worry it won't block other connections with the domain.

DNS filter - I have created a DNS filter but it does not seem to block the domain, so I am wondering whether it is not properly configured. This is how I set it up:

 

(Didn't matter which kind of inspection I set to the policy, and for the DNS filter itself, I tried both Simple option and Reg. Expression.)

 

So the question is:

Which one I should use to fully block access to a domain, and what is wrong with what I am doing with the option that is recommended?

Preview file
49 KB
3874
0 Kudos
0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.