- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- RE: Facebook blocked only on IE, Unable to block ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Facebook blocked only on IE, Unable to block on Firefox and Chrome
I have Fortigate 80C - v4.0,build0665,130514 (MR3 Patch 14). And Web filtering is enabled. The issue is Web Filtering is only works with IE (Not all Categories). When Its open in Firefox or Chrome filtering not working. At the moment its having with www.facebook.com. IE blocks (Both http and https) with " Category: Social Networking" But Chrome and Firefox allowed to access the same. Please assist..
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This sounds like a problem with your network architecture.
Can you describe this a bit more? How many ISPs do you have at the problem site? How many firewalls? How many other proxies?
" …you would also be running into the trap of looking for the answer to a question rather than a solution to a problem." - [link=http://blogs.msdn.com/b/oldnewthing/archive/2013/02/13/10393162.aspx]Raymond Chen[/link]
" …you would also be running into the trap of looking for the answer
to a question rather than a solution to a problem." -
[link=http://blogs.msdn.com/b/oldnewthing/archive/2013/02/13/10393162.aspx]Raymond
Chen[/link]
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Damitha. Welcome to the forums. Are you able to replicate (or confirm) this problem is happening on the same workstation with all three web browsers involved? Is there an explicit web proxy enabled on the Fortigate and/or on the network? (Are all 3 browsers on the workstation configured to use the same network or proxy settings?) Doubt this could be what' s happening in your case (thought curious to know if it is) but something that was pointed out in this thread that Google Chrome (and Firefox) are starting to use SPDY if a website like Facebook supports it.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0
(FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is only one Internet Link. one Firewall. No any other proxies. I tried with different workstations but result is same. All browsers share same proxy settings. (No Proxy) At the moment I see this issue only by accessing facebook. Other sites are blocking perfectly.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
At the moment I see this issue only by accessing facebook. Other sites are blocking perfectly.In that case, I would check the web filter/Ratings Override/app sensors that is applied to web traffic to see if facebook have not inadvertently been allowed somewhere. Edit: scratch that. If problem is only happening in Chrome and Firefox but not in IE then the problem is may be something else. Perhaps maybe just blocking facebook outright via fqdn (one each for facebook.com, www.facebook.com, s-static.ak.facebook.com) at the firewall level as a temp solution for now.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0
(FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is only one Internet Link. one Firewall. No any other proxies. I tried with different workstations but result is same. All browsers share same proxy settings. (No Proxy) At the moment I see this issue only by accessing facebook. Other sites are blocking perfectly.Can you access facebook via the following URL in IE: https://www.facebook.com ? If so, you can stop here and post a response. If not, continue... Can you run the following debug command, accessing facebook on chrome and post the output: 1) Start debugging:
diag debug flow filter clear diag debug reset diag debug enable diag debug flow show console enable diag debug flow filter addr 192.168.100.2 #[where ' 192.168.100.2' is the IP address of the client you will be testing access from] diag debug flow show function-name enable diag debug flow trace start 5002) Access facebook in chrome on 192.168.100.2 3) Stop debugging:
diag debug flow show console disable diag debug flow trace stop diag debug flow filter clear diag debug disable diag debug resetThis determines which policy the packets are being qualified for, and will pinpoint which web filter policy is affecting traffic. Thanks, Matt
" …you would also be running into the trap of looking for the answer to a question rather than a solution to a problem." - [link=http://blogs.msdn.com/b/oldnewthing/archive/2013/02/13/10393162.aspx]Raymond Chen[/link]
" …you would also be running into the trap of looking for the answer
to a question rather than a solution to a problem." -
[link=http://blogs.msdn.com/b/oldnewthing/archive/2013/02/13/10393162.aspx]Raymond
Chen[/link]
Related Posts
- Facebook Just Wont Die 611 Views
- Facebook blocked and not blocked with... 1479 Views
- Application filtering does not work 291 Views
- Web Filter does not work properly... 673 Views
- ZTNA Access Denied with Forticlient on... 1787 Views
Labels
-
FortiGate
6,539 -
FortiClient
1,304 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
414 -
5.6
362 -
FortiSwitch
333 -
FortiAP
333 -
FortiClient EMS
263 -
6.2
251 -
FortiMail
243 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
150 -
6.4
128 -
FortiNAC
106 -
FortiGuard
102 -
FortiSIEM
88 -
FortiGateCloud
87 -
FortiCloud Products
84 -
IPsec
73 -
Customer Service
70 -
FortiToken
69 -
4.0MR3
64 -
SSL-VPN
60 -
Wireless Controller
58 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
Firewall policy
24 -
SD-WAN
24 -
FortiConnect
23 -
FortiWAN
22 -
FortiConverter
21 -
VLAN
20 -
High Availability
20 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
Routing
12 -
FortiAuthenticator
12 -
FortiCASB
12 -
Interface
11 -
Logging
11 -
FortiGate v5.0
10 -
LDAP
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
Virtual IP
9 -
NAT
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
SSID
7 -
RMA Information and Announcements
7 -
SSL SSH inspection
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
Security profile
6 -
Authentication
6 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
Traffic shaping policy
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
Port policy
3 -
FortiDB
3 -
FortiDeceptor
2 -
FortiInsight
2 -
NAC policy
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Fortinet Engage Partner Program
2 -
trunk
2 -
Schedule
1 -
4.0MR1
1 -
SDN connector
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
FortiPAM
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
FortiManager-VM
1 -
Zone
1 -
Internet Service Database
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.