I've been trying to figure what is right way (that also works best) to fully block access to a domain.
From my understanding there are 3 options:
* Block address of type FQDN
* Web filter
* DNS filter
Thing is I had issues with each one:
FQDN - (From this thread I understand that FQDN wouldn't be useful when blocking a domain that is connected to numerous IPs https://forum.fortinet.com/tm.aspx?m=188725&tree=true).
Web filter - web filter does block the domain when accessed through a browser. But won't block a ping request, which makes me worry it won't block other connections with the domain.
DNS filter - I have created a DNS filter but it does not seem to block the domain, so I am wondering whether it is not properly configured. This is how I set it up:
(Didn't matter which kind of inspection I set to the policy, and for the DNS filter itself, I tried both Simple option and Reg. Expression.)
So the question is:
Which one I should use to fully block access to a domain, and what is wrong with what I am doing with the option that is recommended?
