Randomnamegoeshere
New Contributor

Web filtering fails for IP of website but DNS is blocked

Have a FortiGate setup with deep SSL inspection with web filtering; the web filtering works if I go to https://websitegoes here.

However, if I type in the IP of that site it goes straight through. Is that to be expected? How can I change this?

hubertzw
Contributor III

I'm not sure how effective it will be in your case but you can try: 'Rate URLs by domain and IP Address'. You can find it in the 'Web Filter' security profile, in the 'Rating Options' section.

Dave_Hall
Honored Contributor

Keep in mind when rating URLs by IP address that some sites may be hosted on "cloud" servers and/or may be classified as such, or pull page elements (e.g. images) from other domains, so you may run into rating issues.

 

Your best bet, if you really want to nix users from browsing by IP address, is to perhaps craft a URL using Perl or regular expression that triggers on IP-like addresses - I never tried this myself so do not know how effective it would be.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

emnoc
Esteemed Contributor III

Yes, correct, virtual hosting could become an issue. You should block by DNS or content in the URL string.

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

Randomnamegoeshere

emnoc wrote:

Yes, correct, virtual hosting could become an issue. You should block by DNS or content in the URL string.

 

Ken Felix

Hi Ken,

 

DNS blocking works but the IP of the website doesn't. Is my only hope to block all IP-based requests via regex?
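
The regex approach raised in this thread, as an added example that is not from any of the posters or from Fortinet: a Python check of a candidate pattern for URLs whose host is an IP literal, run over constructed URLs. The pattern and all names are assumptions, and the syntax may need adapting to the regex type the FortiGate URL filter accepts.

```python
import re

# One IPv4 octet, 0-255, so that "999.1.1.1" is not treated as an address.
OCTET = r"(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])"

# Assumed pattern (not from the thread): the host part must be an IPv4
# dotted quad or a bracketed IPv6 literal. Anchoring the end of the host to
# a port, path separator or end of string keeps hostnames that only start
# with digits (203.0.113.10.example.com) from matching.
IP_HOST_URL = re.compile(
    r"^(?:[a-z][a-z0-9+.-]*://)?"                  # optional scheme
    r"(?:" + OCTET + r"(?:\." + OCTET + r"){3}"    # IPv4 dotted quad
    r"|\[[0-9a-f:.]+\])"                           # bracketed IPv6 (loose)
    r"(?::[0-9]{1,5})?"                            # optional port
    r"(?:[/?#].*)?$",                              # optional path/query
    re.IGNORECASE,
)


def is_ip_url(url: str) -> bool:
    """True when the URL's host is an IP literal rather than a name."""
    return IP_HOST_URL.match(url.strip()) is not None


def ip_urls(urls):
    """Return the subset of urls that a block-by-IP rule would catch."""
    return [u for u in urls if is_ip_url(u)]


# Constructed sample URLs (documentation address ranges), not real traffic.
SAMPLES = [
    "https://203.0.113.10/",                 # plain IPv4 host
    "http://203.0.113.10:8443/login?x=1",    # IPv4 with port and query
    "203.0.113.10/index.html",               # no scheme, as a filter may see it
    "https://[2001:db8::1]/",                # IPv6 literal
    "https://203.0.113.10.example.com/",     # hostname that starts like an IP
    "https://www.example.com/203.0.113.10",  # IP only in the path
    "https://999.1.1.1/",                    # not a valid dotted quad
]

if __name__ == "__main__":
    for u in SAMPLES:
        print("BLOCK" if is_ip_url(u) else "pass ", u)
```

Running the pattern against known-good hostnames like the last three samples before deploying it is the quickest way to catch an over-broad match.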
