Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ameif56hgt
New Contributor II

Facebook Just Wont Die

I guess the title says it all.  I block Facebook in a web profile with *.facebook.com. and its the first item, with action to block. (I block Meta as well.)  I have an application profile with the first override to block the facebook application.  My DNS server has the DNS for Facebook to be blocked.  I've never had a facebook account and never installed a facebook app on my computer, and nobody in my house uses facebook.  But, as you can see, sometimes its blocked, other times its not a moment later. What am I missing here??

 

Facebook Not Blocked.png

 

 

12 REPLIES 12
ameif56hgt

I should also say, if I do type in Facebook.com in a browser, I do get a Fortigate messages saying the Facebook APPLICATION is blocked, so that is working.  

 

So, I guess I am going to have to live with it.

ameif56hgt
New Contributor II

OK I fixed it, just not the way I should have to.  The two IP addresses at Facebook my computer and iPhones were contacting had IP addresses in the 31.13.70.X and 31.13.90.X ranges, so I just added a firewall rule to block those two IP ranges. Works like a charm.  I do not know why a Web filter can identify Facebook track, and Facebook applications but neither seems to reliably block it.  It clearly shows Facebook application ID 15832, which I BLOCK, but it doesn't.  

Genobaseball10

Nice find! I'm not sure why it wasn't working for you. When I did a wildcard of *Facebook.com in my homelab, I wasn't able to access any of Facebook or its features on any device. Sorry for the inconveneince!

CCNA | FCP | CWNA
CCNA | FCP | CWNA
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors