10-18-2010 05:53 AM
I have a custom URL category which contained
*.sourceforge.net with an action of "allow" (the normal action for category shareware/freeware is "alert").
When I visited "http://sourceforge.net" it logged an alert.
I had to change the custom category to contain:
*.sourceforge.net
sourceforge.net
For the allow to take effect.
I was a little surprised as I expected the wildcard to include the primary domain?
10-18-2010 06:01 AM
Hi There,
Wildcards work within delimiters/separators which are the following:
. (dot)
/ (slash)
? (question mark)
& (ampersand)
= (equal)
; (semicolon)
+ (plus)
So in your example the *.sourceforge.net would need the . (dot) to be there for a match, which it was not.
For some web sites with subdomains, you may need the following:
website.net
*.website.net
*.*.website.net
I hope this helps make things clearer
Thanks
James
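The matching rule described in the reply above, as an added example that is not part of the original thread and is not PAN-OS code: a simplified model in which each `*` stands for exactly one token between the listed separators, used to check which hosts a custom category would leave unmatched. The function names and the sample hosts are assumptions made for illustration.

```python
import re

# Separators listed in the reply above: . / ? & = ; +
SEPARATORS = re.compile(r"([./?&=;+])")

def tokenize(value):
    """Split a pattern or host into tokens, keeping each separator as an element."""
    return [part for part in SEPARATORS.split(value.lower()) if part]

def entry_matches(entry, target):
    """Assumed rule: '*' stands for exactly one token between separators."""
    pattern, tokens = tokenize(entry), tokenize(target)
    if len(pattern) != len(tokens):
        return False
    for want, got in zip(pattern, tokens):
        if want == "*":
            if SEPARATORS.fullmatch(got):  # a wildcard never swallows a separator
                return False
        elif want != got:
            return False
    return True

def uncovered(entries, targets):
    """Return the targets that no entry in the category matches."""
    return [t for t in targets if not any(entry_matches(e, t) for e in entries)]

# Constructed sample hosts for checking a category before deploying it.
HOSTS = [
    "sourceforge.net",
    "downloads.sourceforge.net",
    "a.b.sourceforge.net",
    "evilsourceforge.net",
]

if __name__ == "__main__":
    for category in (["*.sourceforge.net"],
                     ["sourceforge.net", "*.sourceforge.net", "*.*.sourceforge.net"]):
        print(category, "-> not matched:", uncovered(category, HOSTS))
```

Under this model the three-entry category covers the bare domain and both subdomain depths, while a look-alike host such as the constructed `evilsourceforge.net` stays unmatched because the wildcard cannot cross the dot.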
10-18-2010 06:52 AM
Thanks James, I didn't appreciate the "." was a hard delimiter and had to be present.
10-18-2010 09:54 AM
No worries - good luck
10-31-2010 03:28 AM
So there's something I'd like to do but I'm unsure how.
Right now I have our Exchange server behind the PAN and policies that do SSL decryption as well as URL filtering to only allow:
site.domain.com/oma
site.domain.com/oma/*
site.domain.com/exchange
site.domain.com/exchange/*
site.domain.com/exchweb/*
site.domain.com/favicon.ico
site.domain.com/microsoft-server-activesync
site.domain.com/microsoft-servdeviceid=*
site.domain.com/microsoft-server-acdeviceid=*
site.domain.com/microsoft-server-actdeviceid=*
site.domain.com/microsoft-server-actideviceid=*
site.domain.com/microsoft-server-activdeviceid=*
site.domain.com/microsoft-server-activedeviceid=*
site.domain.com/microsoft-server-activesdeviceid=*
site.domain.com/microsoft-server-activesync?*
site.domain.com/microsoft-server-adeviceid=*
site.domain.com/microsoft-server-deviceid=*
site.domain.com/microsoft-serverdeviceid=*
site.domain.com/public/*
site.domain.com/rpc/*
Which are the URLs that OWA uses (all the ones in the middle are due to how the PAN seems to interpret certain URLs).
I'm looking at an external host monitoring service which would need to check if "site.domain.com" is up, but right now if it tries to connect it reports "Malformed response" as the PAN is blocking/not responding to the request to https://site.domain.com as expected.
If I add "site.domain.com" to the top of my URL allow list above, I'm basically accepting any/all requests which is precisely what I don't want to do.
So how can I allow requests explicitly to "site.domain.com" but only to "site.domain.com" as well as the paths in the list above i.e. a request to "site.domain.com/somethingrandom" would still be denied?
11-08-2010 10:13 AM
No, there really is no way to do what you are trying. By adding site.domain.com/ to the allow list, it will allow all queries for items to the right of "/".
The only workaround is to create a new security policy for the source IP addresses that the monitoring site uses and either allow all http traffic for that site or create a new URL filtering profile for this new security policy.
11-08-2010 10:35 AM
Thanks, I had a feeling from experimenting that might be the case, but at least that confirms it.