Hi,
I'm using fortigate 310b and by default we have using web filtering and application control to block certain application.
There is one website that have an applet / apps in the website page for play live radio streaming is block by Application Control.
I have whitelist the website but still cannot see and play the live radio streaming applet but try to whitelist in the application control but seems like it cannot be specific to certain URL
Please advised how to allow the URL to be access..Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi gendit,
Please select enable web filtering option from security menu, add the url which you want to allow and select the correct action.
Dear Bray,
I already try that options and the live streaming applet still being block.
when i add the URL whether direct URL or Wildcard, still the same because the website can be access, only the apps is block by application control
Thanks for Reply
Hi,
I'm try to explain.
What's your Firmware Version of fortigate?
I think that you need to create a Application Override, put the APP in list with action the permit the app.
See the picture attached.
I'm using firmware 5.2.7
Thank you.
Best Regards,
Adriano Oliveira
Security Analyst / Consultant
+55 21 972816850
Hi Adriano,
I'm using firmware 5.2.8. I already try before the suggestion before and its not working since you can only enable / allow the apps generally but cannot specific to the web / URL that been blocked. I already try to enable/ allow the live streaming apps generally, but instead all the streaming site can be open which blocked by web filter. This cause traffic congestion.
Its is possible for me to allow specific URL in the apps guard?
or
Can i white list a website / certain website which generally bypass the webfilter and apps guard?
Thanks and Regards
Hello gendit,
Since you used the Application Control signature "Stream.Media" to block the traffic, you would need to use the Application Override to allow the traffic. You can add a custom App Control signature to whitelist the specific site that you want allowed and set it to Monitor.
I will send you the latest IPS Engine for FortiOS 5.2 that allows whitelisting for custom signatures. The signature syntax is as follow:
F-SBID( --name "<Any Name>"; --protocol tcp; --service HTTP; --flow from_client; --pattern "<host name>"; --context host; --no_case; --pattern "<URI>"; --context uri; --no_case; --app_cat 12; --weight 100; )
In the image you provided, the link was blocked when you access http://stream.rib.dataprodigy.my:16731. An example of how to how to put the link into the signature is:
F-SBID( --name "Dataprodigy.Steam"; --protocol tcp; --service HTTP; --flow from_client; --pattern "stream.rib.dataprodigy.my"; --context host; --no_case; --app_cat 12; --weight 100; )
I removed the URI pattern because the link does not appear to have one. After you add the signature, add it to Application Override.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1660 | |
1077 | |
752 | |
443 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.