Block DMZ specific URL

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Block DMZ specific URL

L2 Linker

Hi dear,

I wanted to block from Internet a specific URL on our public
webserver that located on our DMZ:

We have a webserver on our DMZ example (https://toto.ourcompany.com) so we have
a policy that allow from Internet to access this webserver by SSL, what I want
to do is to block only for example (https://toto.ourcompany.com/Web/login.html).

I did a URL filtering profile and put this URL to the block
list and apply it to my Policy but it doesn’t work, I don’t really know if the
URL filtering profile it working from untrusted Zone to trusted Zone ?

Is there another way to block this specific URL ?

Thanks

1 accepted solution

Accepted Solutions

L3 Networker

You should be able to apply a url filtering policy to block that specific url and apply on the policy form internet to dmz.  You can verify the policy it is hitting with the following command:  test security-policy-match source <address> destination-port 443 destination <address> protocol 6

Based off of this result place the url policy on this security policy.

You should also check your url filtering logs to see what is the url we see it as.

View solution in original post

2 REPLIES 2

L3 Networker

You should be able to apply a url filtering policy to block that specific url and apply on the policy form internet to dmz.  You can verify the policy it is hitting with the following command:  test security-policy-match source <address> destination-port 443 destination <address> protocol 6

Based off of this result place the url policy on this security policy.

You should also check your url filtering logs to see what is the url we see it as.

It work, many thanks for your help.

BES

  • 1 accepted solution
  • 2376 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!