External Dynamic List & URL Filtering

Reply
L2 Linker

External Dynamic List & URL Filtering

Hello all, I want to use an EDL to try to whitelist a group of approved sites for users and block all other sites. In URL Filtering, I have all other categories set to block, and just allowing the EDL. However, when a user tries to go to one of those sites (for example - *.lync.com), he is getting blocked and the category is showing as internet-communications-and-telephony. I verified the EDL is pulling in the list of sites in the EDL so I would have assumed the category would have shown the EDL name in the URL Filtering logs. I know I could just create a new URL category and add the sites from the EDL into it and it would work, but I would prefer to use the EDL. The reason is so one of our IT staff without PA access can still add a site in if needed. I thought I could add the EDL in the security policy as a destination, but I can't add it since it's a dynamic URL list. Any help or suggestions would be greatly appreciated! Thanks!
L7 Applicator

Re: External Dynamic List & URL Filtering

@Samtec-Matt,

I'm not exactly sure when this ability was added, but with 8.0.* you should be able to utilize an EDL with a Security Policy to just allow those URLs. With that done you could continue to block all of the other categories in a seperate security policy to ensure that it still functions as you want. I assume that you are simply running an older software version that doesn't have this feature.

Capture.PNG

L2 Linker

Re: External Dynamic List & URL Filtering

Thanks for the reply BPry.

I am running 8.0.6-h3 code on the PA. So are you saying to add the EDL (CR Work Related Sites) in the Security Policy -> Service/URL Category -> URL Category?

Capture.PNG

Then do a second security policy to block all the rest?

 

Thanks!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!