Hi all
We have a Fortigate 200E in our school firmware is upto date.
Problem is Facebook is blocked for Staff and pupils on the static web filter and social media is blocked in categories.
But both staff and pupils can access Facebook if they use Google Chrome but cant if the use Edge or Internet Explorer.
What am i missing?
Thanks
What is the exact soft version? 6.0.5 or 6.2.0?
I assume your FGT works in the flow based mode, correct?
You can add application control as an additional security profile and block FB too.
I understand you perform SSL deep inspection. What certificate you see when access by Chrome? Issued by Fortinet?
In Fortiview, check the service or Application column for the device in question to see if visiting Facebook is being done on UDP port 443, which is Googe's QUIC protocal, that Google Chrome tries to default to using whenever possible. We had to block this protocol on a few of our own fgts.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.