FQDN Addresses

Reply
L1 Bithead

FQDN Addresses

I need your help on this please.

 

Is it possible to have a wildcard FQDN as a source or destination address (example *.microsoft.com)

 

Is is possible to mix wildcard FQDN with a non wildcard FQDN in an address group (example add in *.microsoft.com with google.com in the same address group)

 

Thanks in advance.

Cyber Elite

@rockfort 

 

As per my knowledge you cannot have FQDN with wilcard mask.

But you can have wildcard destination or source address

 

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features/networking-features/wildcard-addres...

 

 

Also you can have FQDN wildcard url.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CluFCAS

 

 

Regards

MP
L6 Presenter

@rockfort ,

 

You can't add Wildcard entry like *.microsoft.com under FQDN type address object as it should be fully qualified.

 

If you want to allow/deny any specific wildcard domain under security policy, you can configure custom url category.

 

Under custom url category, you can add single or multiple wildcard domains. And this URL category can be called under security policy directly under Service/URL category tab. Or also can be configured using URL filtering profile by taking required actions against custom url category that you have created under URL filtering profile.

 

Hope it helps!

Mayur

Mayur S.
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!