URL Redirect

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

URL Redirect

L0 Member

Hi,

 

is it possible to redirect f.e. www.bing.com to www.google.com via Palo Alto.

 

If yes, how can i do that?

 

Thx

9 REPLIES 9

Cyber Elite
Cyber Elite

No.

 

You could use DNS Proxy feature and static entries.

In this case you point your client device DNS settings towards Palo (usually with DHCP).

Set up DNS Proxy to pass on DNS requests to DNS server of your preference.

And add static entry so that if user asks for www.bing.com Palo will reply with IP of www.google.com

Does not work with all web servers (if server runs multiple websites on single IP).

 

Theoretically you can also do some tricks with response pages and Javascript redirect but this is quite hack already.

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

L1 Bithead

Yes you can.

 

You can use the block page to run a script that will re-direct the traffic to another site.  


@rclark wrote:

Yes you can.

 

You can use the block page to run a script that will re-direct the traffic to another site.  


 

Isn't that what @Raido_Rattameister already commented above?

 

"Theoretically you can also do some tricks with response pages and Javascript redirect but this is quite hack already."


@Raido_Rattameister wrote:

No.

 

You could use DNS Proxy feature and static entries.

In this case you point your client device DNS settings towards Palo (usually with DHCP).

Set up DNS Proxy to pass on DNS requests to DNS server of your preference.

And add static entry so that if user asks for www.bing.com Palo will reply with IP of www.google.com


This will end up in certificate warnings and maybe even worse in completely blocked access because of hsts and other https security features.


@Brandon_Wertz wrote:

@rclark wrote:

Yes you can.

 

You can use the block page to run a script that will re-direct the traffic to another site.  


 

Isn't that what @Raido_Rattameister already commented above?

 

"Theoretically you can also do some tricks with response pages and Javascript redirect but this is quite hack already."


With this "hack"/javascript on the response page you can do great things:

  • URL redirects and even specific redirects based on categories or specific URLs
  • Different response page content based on sourceuser/URL category/website
  • Display the response page in different languages based on the users browser langiage settings
  • Redirect any access to the RP to a custom webserver and pass along all the attributs like user, category, ... to do some more statistics there (requires custom webserver implementation)
  • Create a form on the RP where a user could directly open a ticket in case of wrong category (requires jquery)
  • ...


@Remo wrote:


With this "hack"/javascript on the response page you can do great things:

  • URL redirects and even specific redirects based on categories or specific URLs
  • Different response page content based on sourceuser/URL category/website
  • Display the response page in different languages based on the users browser langiage settings
  • Redirect any access to the RP to a custom webserver and pass along all the attributs like user, category, ... to do some more statistics there (requires custom webserver implementation)
  • Create a form on the RP where a user could directly open a ticket in case of wrong category (requires jquery)
  • ...

 

 

At my company we've toyed with the idea about doing this for phishing training.  So when we send phishing tests out the response page would be training documentation or something specific we wanted to educate the users on

@Brandon_Wertz 

That's a good one!

Yes.  I didn't finish reading his response.  


@rclark wrote:

Yes.  I didn't finish reading his response.  


 

You had 2 years 5 days to read his response...Maybe try 2 years 6 days next time?  haha jk

  • 7815 Views
  • 9 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!