RE: Block youtube and FB
That' s correct. Application blocking will not give an error. It will just stop the session from completing.
If you use FortiOS 5.0.x, there is something called a Fortinet Top Bar available in Proxy Options. It will overlay a small window over your browser to let you know that an application was blocked. It also gives login information and other status messages.
I haven' t used this feature, so I don' t know how reliable it is. It might be worth investigating.
Blocking the domain in the web filter will also give you a proper error message. However, domain blocking is not as reliable as application blocking.
It' s not reliable for blocking the HTTPS versions of websites if you don' t have SSL deep-packet inspection enabled. This is especially true for Google-based sites that use a similar *.google.com SSL certificate for almost all their websites.
For Facebook, I found it was more reliable to block via Application Control.
I don' t block Youtube, so not sure how well App Control works for that. It might be easier to create a School ID for Youtube and force all Youtube traffic to educational videos. That effectively ruins it as an entertainment source.
Fortigate 600C 5.0.12, 111C 5.0.2