- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
01-23-2025 06:13 AM
Hello everyone,
I have created a URL List in Objects - URL Categories to allow only specific URLs and added it to Policy Rule in URL Category section
However, I noticed that all traffic and is being allowed on this particular rule, seems like the URL List is being ignored
I have other rules configured the same way (with URL Lists) and all works as expected I believe.
What could be the reason? I read in some topics that URL List has to be added to URL Filtering Profile and then this Filtering profile has to be configured in the Security Rule. But it seems odd, since in Filtering Profile I would need to block all other categories and custom Lists and allow only the one I need - this would take a lot of time.
01-23-2025 12:39 PM
with a custom url category in the security rule, more packets need to be allowed through to establish which url is being accessed. if then the session does not match the expected url a rematch need to happen.
if a session hits this rule but then times out due to a communication error for example, the log will simply indicate it was allowed even though it may not supposed to be. check in such cases what the session end reason is
01-23-2025 10:54 PM
When checking the logs, I can see that the traffic is allowed and End reason is tcp-rst-from-server or aged-out.
Does tcp-rst-from-server indicate, that the traffic was allowed even though this specific destination IP/URL was not added to URL List?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!