I just installed a Fortinet 92D firewall to replace my old SonicWALL TZ190. All the routing is set up and everything seems to be working fine, however with the webfilter it will only block http sites if you go to an HTTPS site it works fine.
So sites like Facebook, Twitter, and many shopping websites work fine because they use HTTPS, not HTTP.
I found if I went to the internal to WAN1 and turned on SSL inspection, it would then block HTTPS site, but it blocked every HTTPS sites. Turning that on also blocked all mobile devices from working on the network, if there was a phone connected to wifi and I turned on SSL inspection no apps or web browsers or anything using the internet on the phone would work.
I don't want to block every HTTPS site, I want to block certain sites, like Twitter and Facebook and some shopping sites. However I can't figure out how to do this.
They have the categories and with social networking turned on facebook and twitter still work, so it is the HTTPS portion of the website, that makes it stop.
For instance yahoo's home page works fine when I block yahoo, however when you click on a link at that point it says blocked because the inner pages are http but the home page is https.
I don't want to turn on the SSL inspection and block all HTTPS sites and then have to allow sites because there is an infinite number of sites that need allowed.