Unblocking ninite.com

cancel
Showing results for 
Search instead for 
Did you mean: 

Unblocking ninite.com

L3 Networker

I created a URL filter to block shareware sites; however I need to unblock one that I use. ninite.com. I have had no success getting this site to work. Adding the url ninite.com to the allow list, I am given an SSL error (enable TLS 1.0, 1.1, 1.2) which is enabled. I tried adding the IP address and that did not work. It appears the site is using a non-standard port (port 6080). So I added that port to as part of the IP address to allow. That partially got the site working but the installer still does not.  The site has a SSL certificate and the certificate CN matches the URL that I added to the allow list. 

 

Anyone willing to drill down on this issue and see what is needed to get it working? 🙂  I am guessing the installer is using a different port as well...


Thanks,

 

1 ACCEPTED SOLUTION

Accepted Solutions

It appears you just need a "Shareware-Freeware Bypass" custom URL category.

 

Create a custom URL category naming it whatever you like set that category action to alert.  Add the url to this custom category and you should have no issues.

View solution in original post

7 REPLIES 7

Cyber Elite
Cyber Elite

I can get to the site and my logs don't show the site using port 6080.  It's using the normal HTTPS port (443).  We're doing SSL Interception and the site is using TLS1.2 AES_256_CBC / HMAC-SHA1

Did you add share-ware-and-freeware to any URL filtering? I have it under Continue, at the moment.

It's just an "alert" action.

 

Oh...port 6080 is the dump-off port Palo uses for "continue/override" actions.

<duplicate post>

It appears you just need a "Shareware-Freeware Bypass" custom URL category.

 

Create a custom URL category naming it whatever you like set that category action to alert.  Add the url to this custom category and you should have no issues.

View solution in original post

That did the trick. Curious why a custom URL category would work differently than adding the same site to the allow site lists on the URL filter. Hmm.. It works, and that is all that matters. Thanks!

 

hrmm, not sure how exactly an "Allow List" in a URL profile would work compared to the specific URL Category, but it just seems to me that using the "Custom URL" categories would be better.  They can be used in multiple places and have more controlls around them.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!