Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
F-ALI
New Contributor III

Created on ‎04-22-2025 12:45 AM

Issue with Blocking YouTube and Affecting Google Docs

Hi everyone,

I’ve configured my FortiGate to allow access to Google Docs only for certain users. However, I noticed that those users were still able to access YouTube.

Upon investigation, I found that Google Docs and YouTube share some of the same IP addresses, which makes it difficult to block one without affecting the other.

When I created a policy to block YouTube, it ended up blocking Google Docs too.

Has anyone found a way to allow Google Docs while effectively blocking YouTube?

 

Any suggestions would be appreciated.

 

youtube_IP.png

Labels:
913
0 Kudos
6 REPLIES 6
AEK
SuperUser
SuperUser

Created on ‎04-22-2025 01:38 AM

Hi Ali

Don't use FQDN for that. Use ISDB as destination address instead.

AEK
AEK
903
F-ALI
New Contributor III
In response to AEK

Created on ‎04-22-2025 02:59 AM

Hi AEK ,

thanks for your input , but after check the internet service list , there's no service for YouTube

ISDB.png

877
0 Kudos
F-ALI
New Contributor III

Created on ‎04-22-2025 07:10 AM

Any suggestions would be appreciated.

845
0 Kudos
AEK
SuperUser
SuperUser
In response to F-ALI

Created on ‎04-22-2025 01:48 PM

My bad. Use app control instead to block YouTube application.

AEK
AEK
825
F-ALI
New Contributor III
In response to AEK

Created on ‎04-23-2025 04:51 AM

Hi AEK,

Thanks for your suggestion. I gave it a try, but it wasn't effective in this case.

As a temporary solution, I applied traffic shaping rules to limit YouTube traffic to 200 Kbps per IP.

With this in place, Google Sheets is now accessible, although YouTube videos load very slowly due to the reduced bandwidth.

Additionally, I plan to block YouTube entirely by mapping www.youtube.com to an invalid IP address in the hosts file or via a custom DNS record on our DNS server.
This should effectively prevent access by resolving the domain to an incorrect address.

800
ArminF
New Contributor

Created on ‎06-13-2025 02:43 AM

Got the same issue. Wanted a dedicated web profile with App,DNS, etc filters.
But the ISDB routes youtube.com and googlevideos.com into the Google Gmail collection.
As soon as i remove the Google Gmail it works but then routes all google meet, mail traffic through my default web police with all the filters applied. 
Is there are possiblity to overwrite those ISDB ranges maybe?


Thanks

Forti 71G Home Protection
Forti 71G Home Protection
515
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.