06-02-2022 08:29 AM
Hi Team,
We have created policy
Source: Internal subnet
Destination: Any Application:Any service/url category:custom category.
Action allow.
In custom URl category, we have added 2 domains. Our requirement is internal subnet user should access these 2 domains only.
However traffic is getting allowed for all other destination IP address. Why it is happening when i clearly mentioned the URL category that needs to be allowed.
Thank you.
However traffic is getting allowed
06-02-2022 10:19 AM - edited 06-02-2022 05:01 PM
Hello @BNSRIKAR ,
Thanks for reaching out! I have a few questions:
Can you confirm URL Filtering is licensed by going to Devices -> Licenses?
Once licensed is verified, can you pull up your custom URL category and share a screenshot of what your settings are? If not able to, are the pre-defined categories within the profile set to site access -> blocked? The only options set to allow should be the domains you specify.
On your monitor logs, does the internet traffic hit the security policy you specified?
06-02-2022 06:39 PM
If you're just looking at the logs, the firewall needs to allow enough traffic to pass to actually identify the URL being requested. It would be expected to see other traffic getting allowed until the firewall can identify the URL and determine if it matches your policy.
Can you verify that you've actually tested on one of these restricted users and actually had a page load successfully matching this policy? My assumption is that you are just going off of traffic logs here.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
