05-25-2018 05:16 AM
Dear all,
I want to permit HRT members access a recruitment website called "https://www.vietnamworks.com". I create a security rule permit them to access a URL_category named "HRT_recruitment".
In "HRT_recruitment" category I added "*.vietnamworks.*" and "vietnamworks.*" and even "www.vietnamworks.com" but It doesn't work.
I checked traffic log, Traffic was not allowed by "HRT_recruiment" rule, traffic passed it and went to "All_deny" rule. So traffics were denied.
Many other URLs have same issue. But this issue just happen sometime ago, It worked normally before. Maybe it started when the content version transitions from the 3-digit version numbering scheme to the new 4-digit version numbering scheme.
My FW running 8.0.5 software version, Application version 8024-4749
05-28-2018 11:56 AM
Don't use the wildcard at the end of the website. If this is a .com then use vietnamworks.com and *.vietnamworks.com as the URLs. Where you're including the second wildcard the firewall has a hard time matching that to the requested URL.
Second, this is a really broad rule that seems rather unnessicary. Does the application and service actually need to be 'any' for this? Best case scenario you should be able to setup the application as 'web-browsing' and 'ssl' and then set the service as application-default. The rule as configured really isn't best practice at all.
05-28-2018 06:53 PM
Thank you @BPry, I've learned an other lession
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
