Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
heskez
New Contributor III

Created on ‎11-14-2016 06:36 AM

Strange issue to allow Web filtering on Skype for Business / Microsoft Lync

Hi, 

 

I've got a strange issue with a web filtering profile in relation to Skype for business URL's,. 

I've made a simple rule to allow ports TCP 50000-59999 and TCP 5061 (SIP implementation) and works all fine. 

Second I've made a rule to allow HTTPS to a range of Skype locations. And apply APP/IPS and SSL profile. 

I excempt the Skype URL's from scanning.

It works all fine. 

When I enable WEB/AV/DLP Profile it goes wrong. 

 

To resolve I've made a custom "Internet Telephony Custom" category and add the Skype URL's. 

I set the action to "Allow" within the Web filtering profile. 

I start debug on urlfilter enable and get result (ftgd-allow) from chache on the corresponding URL's which is good imo.

 

Nevertheless it still goes wrong (visible with RST within diag sniffer packet logs) and I can't logon in Skype 

when I enable the Web filtering profile. Same applies to AV and DLP Profile. 

 

Could this be a bug since it considers all three profiles?

 

Best,

E

 

Labels:
7746
0 Kudos
0 REPLIES 0
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.