URL Redirect

Reply
L0 Member

URL Redirect

Hi,

 

is it possible to redirect f.e. www.bing.com to www.google.com via Palo Alto.

 

If yes, how can i do that?

 

Thx

Tags (1)
L7 Applicator

Re: URL Redirect

No.

 

You could use DNS Proxy feature and static entries.

In this case you point your client device DNS settings towards Palo (usually with DHCP).

Set up DNS Proxy to pass on DNS requests to DNS server of your preference.

And add static entry so that if user asks for www.bing.com Palo will reply with IP of www.google.com

Does not work with all web servers (if server runs multiple websites on single IP).

 

Theoretically you can also do some tricks with response pages and Javascript redirect but this is quite hack already.

Enterprise Architect @ Cloud Carib www.cloudcarib.com
ACE (3.0, 5.0, 6.0, 7.0), PCNSE (6, 7), PCNSI
L1 Bithead

Re: URL Redirect

Yes you can.

 

You can use the block page to run a script that will re-direct the traffic to another site.  

L5 Sessionator

Re: URL Redirect


@rclark wrote:

Yes you can.

 

You can use the block page to run a script that will re-direct the traffic to another site.  


 

Isn't that what @Raido already commented above?

 

"Theoretically you can also do some tricks with response pages and Javascript redirect but this is quite hack already."

L7 Applicator

Re: URL Redirect


@Raido wrote:

No.

 

You could use DNS Proxy feature and static entries.

In this case you point your client device DNS settings towards Palo (usually with DHCP).

Set up DNS Proxy to pass on DNS requests to DNS server of your preference.

And add static entry so that if user asks for www.bing.com Palo will reply with IP of www.google.com


This will end up in certificate warnings and maybe even worse in completely blocked access because of hsts and other https security features.

Highlighted
L7 Applicator

Re: URL Redirect


@Brandon_Wertz wrote:

@rclark wrote:

Yes you can.

 

You can use the block page to run a script that will re-direct the traffic to another site.  


 

Isn't that what @Raido already commented above?

 

"Theoretically you can also do some tricks with response pages and Javascript redirect but this is quite hack already."


With this "hack"/javascript on the response page you can do great things:

  • URL redirects and even specific redirects based on categories or specific URLs
  • Different response page content based on sourceuser/URL category/website
  • Display the response page in different languages based on the users browser langiage settings
  • Redirect any access to the RP to a custom webserver and pass along all the attributs like user, category, ... to do some more statistics there (requires custom webserver implementation)
  • Create a form on the RP where a user could directly open a ticket in case of wrong category (requires jquery)
  • ...
L5 Sessionator

Re: URL Redirect


@vsys_remo wrote:


With this "hack"/javascript on the response page you can do great things:

  • URL redirects and even specific redirects based on categories or specific URLs
  • Different response page content based on sourceuser/URL category/website
  • Display the response page in different languages based on the users browser langiage settings
  • Redirect any access to the RP to a custom webserver and pass along all the attributs like user, category, ... to do some more statistics there (requires custom webserver implementation)
  • Create a form on the RP where a user could directly open a ticket in case of wrong category (requires jquery)
  • ...

 

 

At my company we've toyed with the idea about doing this for phishing training.  So when we send phishing tests out the response page would be training documentation or something specific we wanted to educate the users on

L7 Applicator

Re: URL Redirect

@Brandon_Wertz 

That's a good one!

L1 Bithead

Re: URL Redirect

Yes.  I didn't finish reading his response.  

L5 Sessionator

Re: URL Redirect


@rclark wrote:

Yes.  I didn't finish reading his response.  


 

You had 2 years 5 days to read his response...Maybe try 2 years 6 days next time?  haha jk

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!