Hot!www.google.com bypassing web filtering

Author
scarroll
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2015/10/20 06:46:34
  • Status: offline
2018/08/06 10:04:10 (permalink)
0

www.google.com bypassing web filtering

Hello.  

We are trying to implement web filtering for a particular server where we only want the server to be able to access a single URL.  We have Web Filtering working, except for the fact that in Chrome when you go to www.google.com it goes to the site.  This is bypassing both the wildcard blocking rule and the specific blocking rule for www.google.com.  Not only does it go to the page, but it also allows you to search.  clicking on search results fails, but you can still see results as well as the image tab.  Oddly, going to images.google.com or drive.google.com or www.google.fr all are blocked as expected.  

Is there something I am missing here?  
#1

4 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 1050
    • Scores: 66
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: www.google.com bypassing web filtering 2018/08/06 10:27:05 (permalink)
    0
    Try this to block QUIC if the behavior persists:
    http://kb.fortinet.com/kb....do?externalId=FD36529
    #2
    scarroll
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2015/10/20 06:46:34
    • Status: offline
    Re: www.google.com bypassing web filtering 2018/08/07 07:36:30 (permalink)
    0
    Tried disabling QUIC and blocking it on the Fortigate and it still lets it through... and it's ONLY www.google.com... and ONLY in Chrome... no other site works... 
    #3
    rwpatterson
    Expert Member
    • Total Posts : 8259
    • Scores: 177
    • Reward points: 0
    • Joined: 2006/08/08 10:08:18
    • Location: Long Island, New York, USA
    • Status: online
    Re: www.google.com bypassing web filtering 2018/08/07 08:14:57 (permalink)
    0
    Policies are hit from the top of the list down. Make sure you put that block policy above the one that allows QUIC.

    -Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com

    -4.3.19-b0694
    FWF60B
    FWF80CM (4)
    FWF81CM (2)
     
    #4
    Toshi Esumi
    Expert Member
    • Total Posts : 1050
    • Scores: 66
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: www.google.com bypassing web filtering 2018/08/07 08:29:39 (permalink)
    0
    Run flow debug "diag debug flow" to see the chrome's google access is actually hitting the policy, which is supposed to block but be allowing. Then open a ticket with TAC.
    #5
    Jump to:
    © 2018 APG vNext Commercial Version 5.5