We're using flow-based at the moment due to recommendations from our distributor.
But we now seem to be hitting a bug... We have a webfilter set up to block everything except certain URLs. But regardless of what we do, we can't seem to block Facebook using that technique. Everything else seems to work as expected, except Facebook. Had Fortinet support online for two hours today without them being able to figure it out... The only real tip they had was that it normally works better in proxy mode... But it didn't sound too convincing...
So I tried it now on a test unit (60D), and am able to reproduce the same result in flow mode. (Wildcard * block, and still Facebook access from Android phones.) And when I change the VDOM to proxy mode it is, in fact, able to block Facebook, with the exact same policy and webfilter.
Running FortiOS 5.6.3 on both test and production. Anyone else seen this behavior?

So I guess we now have to consider changing from flow to proxy... Any tips on things to verify before we make this change? From what I've been told, performance could suffer if we switch. Are there any performance counters we should be aware of before we consider doing the switch on our production system?

Regards,
Grondalen