Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Phillyidol
New Contributor

HTTPS Block - ONLY YouTube

Okay - forgive me if this has been asked and answered, as I have some fair experience with firewalls, but a newbie with FortiGuard, so looking for some ' step-by-step' instructions that cover a larger range of these units, as we have one 80C, and one 100D, both with v5.0 FW. Issue is we put together a rule to block youtube, but no matter what settings we try (including the SSL Inspection settings, which BTW look like they are ONLY for a Proxy setup with a Web Filter), we can' t seem to block youtube with an https in the URL. As mentioned, if anyone has the FULL steps/settings to get this to work, it' d be greatly appreciated. Again, apologies if this was answered, but I looked and only found references of steps and looking for all steps, although, I just may have missed the post. Thanks
Philly Idol
Philly Idol
12 REPLIES 12
amitkor
New Contributor

Ive tried this with version 5.2.1 It blocked all social networks. Other ways i have tried did not block the youtube link from google.com. Does anyone of a way to block only youtube?
TuncayBAS
Contributor II

With IPS signatures via DNS requests can block YouTube. Would you please test the following IPS signature?
 F-SBID(--name " Youtube.Block" ; --protocol tcp; --dst_port 443; --flow from_client;  --dst_addr ([173.194.55.0/24,206.111.0.0/16,74.125.232.1/32,74.125.232.8/32,74.125.232.7/32,74.125.232.65/32,208.117.254.192/26];)
 
 F-SBID(--name " Youtube.DNS-Block" ; --protocol udp; --service DNS; --flow from_client; --byte_test 1,<,128,2; --pattern " youtube" ; --context host; --no_case;)
 
 

Tuncay BAS RZK Muhendislik Turkey NSE 4 5 6 FCESP v5

Tuncay BAS RZK Muhendislik Turkey NSE 4 5 6 FCESP v5
Dave_Hall
Honored Contributor

I' m kinda wary about playing around with various google subnet blocks -- grabbing various lists I found on the Internet, in my initial testing, I have accidentally locked my test network out of google.com' main search page (or local version). Though the second signature looks nice and was something I was going to try myself, using bits of info found on this site.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Labels
Top Kudoed Authors