Block Domain on NGFW

Reply
L2 Linker

Block Domain on NGFW

Hello,

 

can you anyone let me know how i block access based on domain name, e.g. i want a rule to allow all SMTP inbound except from domain testblock.com, how do i do this?

 

Thanks

 

Ryan

L6 Presenter

Re: Block Domain on NGFW

you will need 2 rules, one to allow all SMTP but just before that you need a rule to block SMTP from testblock.com.

L2 Linker

Re: Block Domain on NGFW

Hi, thanks for response.

 

the query i guess was more around how do i referenc the testblock.com domain in a rule?  as its not Web traffic i assume i cannot use URL Category etc, so how can i block a whole domain based on domain name, not IP, would need to PA to do some DNS work somehow. 

L2 Linker

Re: Block Domain on NGFW

You can try to use FQDN name (Object -> Addresses - Add type FQDN).  And use this object as source/destination.

L7 Applicator

Re: Block Domain on NGFW

@aaobuhov,

I don't ever recommend using an FQDN object when you're talking about SMTP traffic. If this domain was hosted on Microsoft for example you could end up blocking way more traffic then you intend. 

L2 Linker

Re: Block Domain on NGFW

thanks, i did not think of looking on the drop down, this was what i was after so thanks again.

L2 Linker

Re: Block Domain on NGFW

That is a very good point, thank you for your response, i will have to re-think this one!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!