Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
vusal_d
New Contributor

blocking ports explicit web proxy

hello everyone 

i have many infected pc in my organization, and many users using their pc with no antivirus  

they all use proxy (fortigate lan ip)  in browser settings 

 

so pocket capture shows me a lot of abnormal traffict though my WAN adapter inspite of that these port are not allowed in traffic policy

i have explicit lolicy rules and seems they are allowing such traffic

THREAT my.wan.ip.addr 84.84.137.88 59889 445 TCP SYN with data(8723) My country Netherlands
THREAT my.wan.ip.addr 128.29.247.92 59937 445 TCP SYN with data(8723) My country United States
THREAT my.wan.ip.addr 143.86.21.89 59932 445 TCP SYN with data(8723) My country United States
THREAT my.wan.ip.addr 144.192.54.14 59928 445 TCP SYN with data(8723) My country United States
THREAT my.wan.ip.addr 2.67.116.90 59926 445 TCP SYN with data(8723) My country Sweden
THREAT my.wan.ip.addr 68.101.6.74 59865 445 TCP SYN with data(8723) My country United States
THREAT my.wan.ip.addr 65.55.163.82 59859 443 TCP SYN with data(8723) My country United States
THREAT my.wan.ip.addr 223.126.172.93 59847 445 TCP SYN with data(8723) My country China
THREAT my.wan.ip.addr 211.110.18.25 59821 445 TCP SYN with data(8723) My country Korea Republic Of
THREAT my.wan.ip.addr 75.45.191.94 59777 445 TCP SYN with data(8723) My country United States
THREAT my.wan.ip.addr 209.48.44.236 59775 445 TCP SYN with data(8723) My country United States
THREAT my.wan.ip.addr 222.15.125.40 59764 445 TCP SYN with data(8723) My country Japan

now my questuin is how to stop ttis traffic that goes through explicit  proxy.  when i enable set transparent enable on an explicit policy rule isers have no web access

 

2 REPLIES 2
Fullmoon
Contributor III

have you tried to install FortiClient on your computers? its free by the way.

Fortigate Newbie

Fortigate Newbie
vusal_d

Fullmoon wrote:

have you tried to install FortiClient on your computers? its free by the way.

 

nope  actually im new at fortigate  so can u please explain me how would forticlient will help me. As far as i knkw FortiCkient is used to connect to VPN. and thats all

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors