Fortigate 6.2.2 unable to block zenmate proxy

Author
Javed Bashir
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/02/28 04:36:53
  • Status: offline
2020/02/28 04:48:11 (permalink)
0

Fortigate 6.2.2 unable to block zenmate proxy

Hi,
we configured blocking web proxy using web filter and application control. But Fortigate FG-100E using 6.2.2 is fail to block zenmate proxy, even we configured Inspection Mode in Proxy-based and enable deep inspection on policy, but still can users zenmate and bypass Firewall policy.
kindly suggest solution.
Thanks
Regards,
Javed Bashir
#1

1 Reply Related Threads

    Dave Hall
    Expert Member
    • Total Posts : 1636
    • Scores: 174
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    Re: Fortigate 6.2.2 unable to block zenmate proxy 2020/02/28 13:35:13 (permalink)
    0
    Zenmate is listed on the Fortiguard site as a VPN, so trying to block it via classifying it as a web proxy may not work 100%.  Keep in mind that firewall polices (rules) are executed from top-to-bottom, so if you have crafted web filter rules - it should be applied to outgoing web traffic - this rule should be moved up in the firewall rule chain so it can be triggered. 
     
    A google search on blocking zenmate seems to indicated this browser-add-on calls home (e.g. zenguard.biz, zenguard.org, zenmate.io, etc.) - you should be able to craft url filters to block those domains. 
     
    Learn to use the FortiView->sources and drill down to a device's indivdual sessions to see what exactly is going on.  If a site is not blocked, drill down into that session and see what the fgt says about what firewall policy is allowing that traffic through.
     

    Attached Image(s)


    NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
    #2
    Jump to:
    © 2020 APG vNext Commercial Version 5.5