Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
van_sta
New Contributor III

Created on ‎07-31-2024 04:21 AM

Except url from web filter and application control

Good morning: I have a policy that blocks social networks, I block them in web filter and application control but I have to except developers.facebook. com but I couldn't do it. I excepted it in deep inspection and in web filter I put that address to exclude it but it still blocks me. How can I do?

 

Thank you so much

Labels:
405
0 Kudos
3 REPLIES 3
Mirlik
New Contributor

Created on ‎07-31-2024 04:50 AM

Hello, it is hard to tell. Visit that facebook page and check security events in Log & Report tab. By that you can tell, which security profile is blocking your traffic. I would guess, that you need to make exception in App control aswell. 

387
rsondal
Staff
Staff

Created on ‎07-31-2024 05:37 AM

Hi, 

In this case-:

1. Please do the test from one source ip.

2. So now as its still blocks you, please go to your UTM logs (web filter logs and application logs).

3. In both the logs tab, filter for your specific source ip and check if you are able to see any logs for Facebook as destination.

4. double click on that log it should show you details like which policy its hitting.

5. If still you are not able to see, then please use below commands on CLI to check what policy the source ip is hitting so you can see if that policy is blocking or not-:
dia sys session filter src x.x.x.x (source ip)
dia sys session list | grep policy_id

6. If still you are not able to find out the error. i would suggest opening a ticket with TAC team so one engineer can help you remotely.

376
van_sta
New Contributor III
In response to rsondal

Created on ‎08-01-2024 05:14 AM Edited on ‎08-01-2024 05:19 AM

Rsonsal thanks for your reply.

I did what you said and I get this:

 

In web Filter:

Action

passthrough

Policy ID

Sistemas_vc (46)

Policy UUID

d42f1f5c-14db-51ee-c4a8-8a1cf78926d8

Policy Type

Firewall

 

 

Profile Name

WEBFILTER-sistemas

Request Type

direct

Direction

outgoing

URL Filter Index

21

URL Filter List

Auto-webfilter-urlfilter_u4ro4nn9c

Message

URL was exempted because it is in the URL filter list

 

In application control

I only have this url static.xx.fbcdn.net

Destination

IP

31.13.67.20

Port

443

Country/Region

United States

Destination Interface

 Fiberway (wan2)

Hostname

static.xx.fbcdn.net

URL

/

 

Application Control

Sensor

APPFILTER-sistemas

Application Name

Facebook

ID

15832

Category

Social.Media

Risk

 

Protocol

6

Service

SSL

Message

Social.Media: Facebook

Action

Action

block

Policy ID

Sistemas_vc (46)

Policy UUID

d42f1f5c-14db-51ee-c4a8-8a1cf78926d8

Policy Type

Firewall

In application control (Application and filter overrides)

Screenshot 2024-08-01 091654.png

 

In ssl I except developers.facebook.com, this policy has deep inspection.

Best regards.

313
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.