Users sometimes getting blocked to streaming sites even when they are in profile w/access

Author
ehurst
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/05/22 06:09:21
  • Status: offline
2018/08/10 12:57:15 (permalink)
0

Users sometimes getting blocked to streaming sites even when they are in profile w/access

I have some users that are occasionally getting blocked to streaming media sites, even though they are in a security group that gives access. And it is sporadic, some days they can access. I noted a pattern in the firewall logs: they do not have their username in the "User" column. Those unaffected by this do have their username listed.

We are using FortiClient 5.6 on the computers, and FortiGate 300D (I don't know what version of software it is running).
#1

1 Reply Related Threads

    Sudarsan Babu
    Bronze Member
    • Total Posts : 35
    • Scores: 2
    • Reward points: 0
    • Joined: 2017/04/24 03:18:50
    • Location: INDIA
    • Status: offline
    Re: Users sometimes getting blocked to streaming sites even when they are in profile w/acc 2018/08/11 00:22:32 (permalink)
    0
    Hello ehurst , 
     
    1. Have you configured any web filter in forticlient. 
    1a) check the web site certificate .
     
    2. Enable user name in logs using following command 
     
    FGT# config log setting 
    FGT(setting)#  set user-anonymize enable
    FGT(setting)#  end 
     
    3. Check in SSL inspection this  category is allowed and  in web filter .  
    Verify in Application control signature is allowed. 
     
    4. You need to to packet capture or use the following debug command to check when its blocked .
     
    FGT# di de url-filter src addr                      ----------> PC Address
    FGT# di de application urlfilter -1
     
    5. Check application control logs when its blocked. So you can check in which policy ID traffic is passing . 
     
    Regards,
    Sudarsan Babu P
     
     
     

    Regards,
    Sudarsan Babu P
    #2
    Jump to:
    © 2018 APG vNext Commercial Version 5.5