Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
vidyashankar
New Contributor

websites blocking

hai,

I am using fortigate 60D in our office. here some 50 clients are using internet. in this case i want to block youtube and facebook for all the users. except 1pm to 3pm it should be opened. is there any possibilities for this request.

 

 

3 REPLIES 3
gschmitt
Valued Contributor

Easy as pie

 

Go to Security Profiles > Webfilter and create a new profile with the + symbol top right corner

Name it Blocked_FaceTube

Enable URL Filter > Create New

enter facebook.com and youtube.com

Configure the rest as needed

hit Apply

 

Now to go Policy&Objects > Objects > Schedules

Create new

name it FaceTube time and select the times as needed (Sun-Sat; 1pm to 3pm)

And click OK

 

Now go to Policy&Objects > Policy > IPv4

Create New

Source Interface Internal (local lan)

Source Address all (local subnet)

Destination Interface wan1 (internet facing interface)

Destination all

Schedule FaceTube Time

Enable NAT

Configure the rest as needed

 

Create a new policy as above but:

Schedule always

Enable Web Filter profile Block_FaceTube

 

Now navigate to your internal > wan1 policies and make sure the FaceTube Time policy is above the second one

vidyashankar

Thanks a lot.. it is very much helpful.

SecurityPlus
Contributor II

gschmitt, if OK with you I will use the recommendations you created above and will modify them slightly to match this request. I will try to mark my edits to your earlier post in [style="background-color: #ffff00;"]yellow[/style].

 

vidyashanker, this should block facebook.com and youtube.com from 3pm to to 1pm the following day. Please test to assure that it gives you the proper result.

 

Go to Security Profiles > Webfilter and create a new profile with the + symbol top right corner Name it Blocked_FaceTube Enable URL Filter > Create New enter facebook.com and youtube.com Configure the rest as needed hit Apply   Now to go Policy&Objects > Objects > Schedules Create new

[style="background-color: #ffff00;"][<font][<font]Type Recurring[/style]

[style="background-color: #ffff00;"][<font]name it [<font]Blocked_FaceTube_time[/style]

[style="background-color: #ffff00;"][<font]Days Select all days Sunday through Saturday[/style]

[style="background-color: #ffff00;"][<font][<font]Start Time Hour 3pm minutes 00 [/style]

[style="background-color: #ffff00;"][<font][<font]Stop Time [<font][<font][<font]Hour 1pm minutes 00[/style] And click OK   Now go to Policy&Objects > Policy > IPv4 Create New Source Interface Internal (local lan) Source Address all (local subnet) Destination Interface wan1 (internet facing interface) Destination all Schedule [style="background-color: #ffff00;"]Blocked_FaceTube_time[/style]

[style="background-color: #ffff00;"]Enable Web Filter profile Block_FaceTube[/style] Enable NAT Configure the rest as needed   Create a new policy as above but:

Source Interface Internal (local lan) Source Address all (local subnet) Destination Interface wan1 (internet facing interface) Destination all Schedule always Enable NAT Configure the rest as needed

  Now navigate to your internal > wan1 policies and make sure the FaceTube Time policy is above the second one

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors