Fortigate 6.2.2 unable to block zenmate proxy

Javed_Bashir · ‎02-28-2020

Hi, we configured blocking web proxy using web filter and application control. But Fortigate FG-100E using 6.2.2 is fail to block zenmate proxy, even we configured Inspection Mode in Proxy-based and enable deep inspection on policy, but still can users zenmate and bypass Firewall policy. kindly suggest solution. Thanks Regards, Javed Bashir

Dave_Hall · ‎02-28-2020

Zenmate is listed on the Fortiguard site as a VPN, so trying to block it via classifying it as a web proxy may not work 100%. Keep in mind that firewall polices (rules) are executed from top-to-bottom, so if you have crafted web filter rules - it should be applied to outgoing web traffic - this rule should be moved up in the firewall rule chain so it can be triggered.

A google search on blocking zenmate seems to indicated this browser-add-on calls home (e.g. zenguard.biz, zenguard.org, zenmate.io, etc.) - you should be able to craft url filters to block those domains.

Learn to use the FortiView->sources and drill down to a device's indivdual sessions to see what exactly is going on. If a site is not blocked, drill down into that session and see what the fgt says about what firewall policy is allowing that traffic through.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

Fortigate 6.2.2 unable to block zenmate proxy

Nominate a Forum Post for Knowledge Article Creation