Block page for security policy matches

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Block page for security policy matches

L1 Bithead

Is there a way to return a block page to users when their connection is blocked not by the URL-filter but by a security policy?

 

We have a security policy that blocks all outbound traffic to a list of foreign countries.  The problem is when users attempt to browse websites in these countries the traffic is blocked but the user doesn't receive any information about why it was blocked- the connection just times out.

IS there a way to send an HTML block page to users when the traffic is blocked?

 

Thanks

1 REPLY 1

Cyber Elite
Cyber Elite

If user tries to browse to website that is running on IP that is not permitted then this attempt is blocked before connection get's to HTTP.

Initial SYN packet gets tcp-rst back and connection is taken down.

 

What you can try is to:

Create top rule that permits traffic to your country IP addresses, application web-browsing, action allow.

Create second rule below it where destination is any, application is web-browsing and action is block.

And edit application response page.

If I were you I would add some Javascript to it so if application equals to web-browsing then show text "You are browsing to website hosted outside our country".

 

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011
  • 1735 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!