URL List not filtering correctly

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

URL List not filtering correctly

L2 Linker

Hello everyone,

I have created a URL List in Objects - URL Categories to allow only specific URLs and added it to Policy Rule in URL Category section

However, I noticed that all traffic and is being allowed on this particular rule, seems like the URL List is being ignored

I have other rules configured the same way (with URL Lists) and all works as expected I believe.

 

What could be the reason? I read in some topics that URL List has to be added to URL Filtering Profile and then this Filtering profile has to be configured in the Security Rule. But it seems odd, since in Filtering Profile I would need to block all other categories and custom Lists and allow only the one I need - this would take a lot of time.

2 REPLIES 2

Cyber Elite
Cyber Elite

with a custom url category in the security rule, more packets need to be allowed through to establish which url is being accessed. if then the session does not match the expected url a rematch need to happen. 

if a session hits this rule but then times out due to a communication error for example, the log will simply indicate it was allowed even though it may not supposed to be. check in such cases what the session end reason is

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

When checking the logs, I can see that the traffic is allowed and End reason is tcp-rst-from-server or aged-out.

 

Does tcp-rst-from-server indicate, that the traffic was allowed even though this specific destination IP/URL was not added to URL List?

  • 301 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!