Hot!Fortigate Web Filter fails to block Facebook on Google Chrome

Author
hamdi.kadri
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/06/25 10:26:20
  • Status: offline
2018/06/25 10:32:49 (permalink)
0

Fortigate Web Filter fails to block Facebook on Google Chrome

This is a weird phenomena I noticed today : even though Social Networking Sub-category is set to "block" on Web Filter, users who use Google Chrome still have access to it.
I tried with Firefox and Opera and Web Filter works properly.
Changing my settings to use Explicit proxy, I can get to block facebook with no problems. But if I apply my Web Filter Profile to the ACL, facebook bypasses the Web Filter.
I even blocked everything on my Web Filter profile, added a wildcard filter, etc.. it didn't work with facebook.
My firmware is v5.4.8,build1183 running on a FG30E.
Any ideas ?
 
UPDATE :
I tried with another firmware version (v5.2.10,build742) on another appliance (FG500D) and WebFilter is working properly. Can someone else confirm the issue with v5.4.8,build1183 ? 
My real concern is that the appliance is in production and I can't upgrade without being sure that it will solve the issue.
post edited by hamdi.kadri - 2018/06/26 03:00:52
#1
sw2090
Gold Member
  • Total Posts : 238
  • Scores: 10
  • Reward points: 0
  • Joined: 2017/06/14 01:27:25
  • Location: Regensburg
  • Status: offline
Re: Fortigate Web Filter fails to block Facebook on Google Chrome 2018/07/04 23:25:34 (permalink)
0
Yesterday I got notified by some user that they can access Facebook to even though category is blocked like in your case. So maybe we have the same problem on FGT9x and FGT100E wih 5.4.x .
 
Did you already open a case with Fortinet Support on this?
#2
sw2090
Gold Member
  • Total Posts : 238
  • Scores: 10
  • Reward points: 0
  • Joined: 2017/06/14 01:27:25
  • Location: Regensburg
  • Status: offline
Re: Fortigate Web Filter fails to block Facebook on Google Chrome 2018/07/05 01:58:37 (permalink)
0
Ok since we seem to have that same issue (facebook blocked by webfilter by fortiguard AND local category but still accessible) I now opened a ticket with Fortinet Support. We'll see what they will say...
#3
Tindrli
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/06/08 01:27:37
  • Status: offline
Re: Fortigate Web Filter fails to block Facebook on Google Chrome 2018/07/17 04:44:16 (permalink)
0
The way how it worked for me (I'm on FortiOS 5.6.3 version) was that i had to change Inspection mode to Proxy and then i separated two policies. One policy is for Web filtering and second one is for App filtering. I created new SSL and IPS profile as well. Don't know how it will affect this process but I did it anyways. 
After i created policies i had to log out and log back in to the client computer and after that everything worked as intended. It seems that Web filtering and App filtering don't like each other if they are under one policy.
#4
sw2090
Gold Member
  • Total Posts : 238
  • Scores: 10
  • Reward points: 0
  • Joined: 2017/06/14 01:27:25
  • Location: Regensburg
  • Status: offline
Re: Fortigate Web Filter fails to block Facebook on Google Chrome 2018/07/17 05:11:52 (permalink)
0
ok but this one one hand does not say anything about 5.4. There's may things different between 5.4. and 5.6. 
Also haven't yet gotten any solutions on my ticket wih Fortinet TAC.
#5
Jump to:
© 2018 APG vNext Commercial Version 5.5