I'm having an odd issue with Application Control (Blocking Spotify) on an outgoing client policy on 6.2. Wondering if anyone would have any insight to what I may be missing?
The application control profile has Spotify added as an override with Block as the action. When I check the logs and filter Spotify it appears with pass as the action.
I've confirmed through these records that it is the correct policy which has the profile with the override in it that is being applied to that traffic.
Is there anything else in the app control profile that needs to be done other than adding the override block in order for that to work?
Screenshots linked below. Thanks.
https://www.dropbox.com/s/nomrodlithgsvnf/spotify1.PNG?dl=0
https://www.dropbox.com/s/1mlqf5g15kddmgi/spotify2.PNG?dl=0
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Enable "Network Protocol Environment" option from this screenshot. https://www.dropbox.com/s/1mlqf5g15kddmgi/spotify2.PNG?dl=0
It'd help you.
hubertzw wrote:You need the policy with Application Control with action 'block'. I see your policy 27 has action 'pass'.
I just test it and it works fine on 6.2:
date=2019-06-24 time=23:46:49 logid="1059028705" type="utm" subtype="app-ctrl" eventtype="app-ctrl-all" level="warning" vd="root" eventtime=1561445209 appid=17405 srcip=10.0.1.10 dstip=104.154.127.47 srcport=49642 dstport=443 srcintf="port3" srcintfrole="undefined" dstintf="port1" dstintfrole="undefined" proto=6 service="HTTPS" direction="outgoing" policyid=1 sessionid=1917 applist="spotify-test" appcat="Video/Audio" app="Spotify" action="block" hostname="www.spotify.com" incidentserialno=1399263240 url="/" msg="Video/Audio: Spotify," apprisk="medium"
See below 2 screenshots which have the override as blocks. Surely the IPv4 Policy "27" isn't meant to be action of "DENY"?
https://www.dropbox.com/s/1mlqf5g15kddmgi/spotify2.PNG?dl=0
https://www.dropbox.com/s/d0s0arkt5e4qeod/spotify3.PNG?dl=0
Yes, my mistake, the firewall policy action can be 'allow' of course. The one scenario I tested is like your one and in my case it works fine:
FortiOS v6.2.0 build0866 (GA)
config firewall policy
edit 1
set name "Full_Access"
set uuid b11ac58c-791b-51e7-4600-12f829a689d9
set srcintf "port3"
set dstintf "port1"
set srcaddr "LOCAL_SUBNET"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set utm-status enable
set logtraffic all
set fsso disable
set application-list "spotify-test"
set ssl-ssh-profile "custom-deep-inspection"
set nat enable
next
end
edit "spotify-test"
set comment ''
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log enable
set enforce-default-app-port disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-black-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set application 17405
set action block
set log enable
set log-packet disable
set rate-count 0
set session-ttl 0
set quarantine none
next
Hi! I just wonder how's it going now
Sorry for bumping into an old conversation. Based on what you've said, it seems like you've done everything correctly regarding adding the override block for Spotify in the app control profile. However, it's still passing through instead of being blocked. It's hard to say exactly what might be causing the issue. I hope you get it fixed, as Spotify is a great platform; I even stream my songs and buy Spotify plays there to get popular. Let us know how it goes!
I understand how frustrating things can be when things don't work as expected. When dealing with Application Control on version 6.2, it's essential to double-check your settings. Apart from adding the Spotify override with the "Block" action, ensure no conflicting rules or conditions in the profile might affect the outcome.
You should also look into the order of the rules and confirm that the policy with the override is indeed being applied correctly.
By the way, you can also buy Spotify plays to promote your music there. Songlifty offers a service to buy Spotify plays, which can help boost your tracks and reach a wider audience!
Hey There,
It seems like you've encountered a peculiar challenge with Application Control, specifically related to blocking Spotify through an override. Despite setting the override with a "Block" action in the application control profile, the logs indicate a "Pass" action for Spotify. You've diligently confirmed that the correct policy, containing the profile with the override, is applied to the traffic in question. To troubleshoot, consider double-checking the application control profile settings to ensure all necessary configurations are in place. Additionally, explore any specific nuances or requirements within the application control profile that might be affecting the desired blocking of Spotify. Given the nature of the issue, it might be worthwhile to explore potential connections with unconventional uses, such as those related & wanna use premium mod Spotify, to ascertain if any unique interactions or configurations are influencing the expected behavior...
Best Regards!!
It sounds frustrating that the Spotify block override isn't taking effect. Have you checked the application control settings and ensured that everything is configured properly? Sometimes a small tweak can make all the difference. By the way, for users who need uninterrupted access, Spotify Premium APK iOS offers a seamless experience. Hope you get this issue resolved soon!
It sounds frustrating that the Spotify block override isn't taking effect. Have you checked the application control settings and ensured that everything is configured properly? Sometimes a small tweak can make all the difference. By the way, for users who need uninterrupted access, Spotify Premium APK iOS offers a seamless experience. Hope you get this issue resolved soon!
It sounds like you're dealing with a tricky issue! In my experience, when the override block isn't taking effect, it’s often related to the sequence of policies or application control settings not being prioritized correctly. Have you tried reordering the policies to ensure the override is being enforced before any pass actions? Also, double-check if there's any deep inspection or SSL setting that might be allowing traffic to pass despite the block. For users wanting uninterrupted access, Spotify Premium APK iOS could be a great alternative. Hopefully, these tips help get you closer to a solution!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.