Rule creation query

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Rule creation query

L1 Bithead

Hi Team,

 

We have created policy

 

Source: Internal subnet

Destination: Any Application:Any service/url category:custom category.

Action allow.

 

In custom URl category, we have added 2 domains. Our requirement is internal subnet user should access these 2 domains only.

However traffic is getting allowed for all other destination IP address. Why it is happening when i clearly mentioned the URL category that needs to be allowed.

 

Thank you.

 

However  traffic is getting allowed 

2 REPLIES 2

Community Team Member

Hello @BNSRIKAR ,

 

Thanks for reaching out! I have a few questions:

 

Can you confirm URL Filtering is licensed by going to Devices -> Licenses?

Once licensed is verified, can you pull up your custom URL category and share a screenshot of what your settings are? If not able to, are the pre-defined categories within the profile set to site access -> blocked? The only options set to allow should be the domains you specify. 

On your monitor logs, does the internet traffic hit the security policy you specified? 

 

 

URL Filtering , NGFW 

LIVEcommunity team member
Stay Secure,
Jay
Don't forget to Like items if a post is helpful to you!

Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.

Cyber Elite
Cyber Elite

@BNSRIKAR,

If you're just looking at the logs, the firewall needs to allow enough traffic to pass to actually identify the URL being requested. It would be expected to see other traffic getting allowed until the firewall can identify the URL and determine if it matches your policy. 

Can you verify that you've actually tested on one of these restricted users and actually had a page load successfully matching this policy? My assumption is that you are just going off of traffic logs here. 

  • 1576 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!