07-15-2020 10:17 AM
I need your help on this please.
Is it possible to have a wildcard FQDN as a source or destination address (example *.microsoft.com)
Is is possible to mix wildcard FQDN with a non wildcard FQDN in an address group (example add in *.microsoft.com with google.com in the same address group)
Thanks in advance.
07-15-2020 01:40 PM - edited 07-15-2020 01:42 PM
As per my knowledge you cannot have FQDN with wilcard mask.
But you can have wildcard destination or source address
Also you can have FQDN wildcard url.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CluFCAS
Regards
07-15-2020 09:13 PM
You can't add Wildcard entry like *.microsoft.com under FQDN type address object as it should be fully qualified.
If you want to allow/deny any specific wildcard domain under security policy, you can configure custom url category.
Under custom url category, you can add single or multiple wildcard domains. And this URL category can be called under security policy directly under Service/URL category tab. Or also can be configured using URL filtering profile by taking required actions against custom url category that you have created under URL filtering profile.
Hope it helps!
Mayur
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
