- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWebCloud
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Fortinet blocking allowed site
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortinet blocking allowed site
All I have enabled is web filter -> url filter. I have one website to allow then block * as wildcard and for some reason it blocks the allowed sites and seems to be only https sites, my http sites in the allow list works but my https sites do not.
Does anyone have any idea?
google and fastpeoplesearch get blocked
Attached is a screen shot of the filter
Web Filter Threat Level high Direction outgoing Log event original timestamp 1602069758 Event Type urlfilter Hostname   www.fastpeoplesearch.com Message URL was blocked because it is in the URL filter list Profile Name default Request Type direct URL www.fastpeoplesearch.com/ URL Filter Index 1 URL Filter List default
Date 10/07/2020 Time 07:22:43 Duration 5s Session ID 52787 Virtual Domain root NAT Translation Source Source IP 192.168.168.5 NAT IP 75.150.165.185 Source Port 57133 Country Reserved Primary MAC 9c:8e:99:5c:34:0b Source Interface lan Host Name SCCserver.sterlingcredit Device Type Windows PC OS Name Windows 8.1 / 2012 Destination IP 104.18.15.109 Host Name fastpeoplesearch.com Port 443 Country United States Destination Interface wan1 Application Application Name HTTPS Category unscanned Protocol tcp Service HTTPS Data Received Bytes 212 B Received Packets 5 Sent Bytes 809 B Sent Packets 7 Action Action server-rst Security Action Blocked Threat 8 Policy 1 Policy UUID e02340c0-706e-51e8-64e1-e9101bf2f114 Policy Type policy Security Level Web events 1 Threat Score 30 Other Source Interface Role lan Log ID 13 byod_name SCCserver.sterlingcredit Protocol Number 6 roll 65535 byod_device windows-pc Log event original timestamp 1602069763 Destination Interface Role wan dstcountry_code US Source Server 0 Sub Type forward utmref 65535-37914 Security Events
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would craft my url entries like these URL:*.fastpeoplesearch.com,*.google.com Type: Wildcard, Action: Exempt, Status:Enable
Fortigate Newbie
Fortigate Newbie
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks I’ll try that
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I got it to work.
It does not like any form of wildcard for some reason for allow or exempt. Firmware 5.6.3
I had to use
fastpeoplesearch.com, simple, allow
www.fastpeoplesearch.com, simple, allow
*, wildcard, block
now the site will come up and all others are still blocked
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
two things:
1. you url filter will not work because you set the action to "allow". This means it will allow it but check all other rules coming after that too. And your blocking all rule is of course matching too. So set the action to "exempt" to have it stop once the rule matched and not hit the block all rule.
2. url filter on https site will only work if you enable ssl deep inspection because without that it cannot see the url. Certificate inspection will also only see what is in subject (alternate) name which is usually only the domain or subdomain name of the site.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
--
"It is a mistake to think you can solve any major problems just with
potatoes." - Douglas Adams
Related Posts
- vivaldi browser wont reach any webpage 387 Views
- Accessing SSL VPN addresses from a... 414 Views
- Multiple phase 2 selectors needed for... 341 Views
- fortianalyser bug with old logging 132 Views
- IPSec client is blocked by implicit... 647 Views
Labels
-
FortiGate
6,741 -
FortiClient
1,341 -
5.2
801 -
5.4
639 -
FortiManager
580 -
FortiAnalyzer
425 -
6.0
416 -
5.6
362 -
FortiSwitch
345 -
FortiAP
344 -
FortiClient EMS
274 -
FortiMail
262 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
160 -
6.4
128 -
FortiNAC
110 -
FortiGuard
108 -
FortiSIEM
92 -
FortiGateCloud
88 -
FortiCloud Products
85 -
IPsec
83 -
FortiToken
73 -
Customer Service
70 -
SSL-VPN
68 -
4.0MR3
64 -
Wireless Controller
62 -
FortiProxy
47 -
FortiADC
44 -
FortiEDR
41 -
Fortivoice
41 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
33 -
FortiSandbox
32 -
SD-WAN
31 -
FortiSwitch v6.4
30 -
Firewall policy
30 -
High Availability
24 -
FortiConnect
24 -
FortiAuthenticator
22 -
VLAN
22 -
FortiWAN
22 -
FortiConverter
21 -
ZTNA
20 -
FortiPortal
18 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
Certificate
16 -
FortiMonitor
14 -
SAML
14 -
Interface
14 -
Logging
14 -
BGP
13 -
DNS
13 -
FortiGate v5.0
13 -
FortiDDoS
13 -
LDAP
12 -
Routing
12 -
FortiCASB
12 -
VDOM
12 -
fortilink
11 -
RADIUS
10 -
Virtual IP
10 -
FortiRecorder
10 -
FortiWeb v5.0
9 -
Authentication
9 -
SSL SSH inspection
9 -
FortiManager v5.0
9 -
NAT
9 -
4.0MR2
9 -
SSID
8 -
Traffic shaping
8 -
SSO
8 -
Application control
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
Fortigate Cloud
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
IP address management - IPAM
7 -
Security profile
6 -
FortiBridge
6 -
SNMP
6 -
Web profile
6 -
Proxy policy
5 -
Traffic shaping policy
5 -
FortiAP profile
5 -
Web application firewall profile
5 -
FortiTester
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
IPS signature
4 -
Packet capture
4 -
Antivirus profile
4 -
Automation
4 -
WAN optimization
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Port policy
4 -
FortiToken Cloud
3 -
DoS policy
3 -
Email filter profile
3 -
Web rating
3 -
Intrusion prevention
3 -
FortiDB
3 -
trunk
3 -
FortiDeceptor
2 -
System settings
2 -
FortiInsight
2 -
NAC policy
2 -
Fortinet Engage Partner Program
2 -
Users
2 -
Traffic shaping profile
2 -
FortiPAM
2 -
VoIP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Protocol option
2 -
4.0MR1
1 -
TACACS
1 -
Replacement messages
1 -
Subscription Renewal Policy
1 -
Schedule
1 -
FortiCWP
1 -
FortiNDR
1 -
SDN connector
1 -
Application signature
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
Fabric connector
1 -
Multicast routing
1 -
Explicit proxy
1 -
Zone
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.