07-09-2021 09:03 AM
Team , I have a question about something that I guess is not possible to configure but will like to confirm if possible . My client want to allow Internal NW 10.0.0.0/8 to FQDN abc1.def.com port HTTPS , this is normal and I have a few of this rules already implemented. Now the question is , is possible to create a FQDN for abc*.def.com?, a wildcard FQDN like abc*.edf.com could be created, it would cover all the individually numbered abc destinations or I will have to create individuals FQDNs for each abc*. . Thanks in advance
07-09-2021 09:37 AM
If I remember it right, then the asterisk can only be used between dots, between start and dot, and between dot and end.
To achieve what you plan, you need to use ^ (which requires PAN-OS 9.1 or higher) --> abc^.def.com/
07-09-2021 10:52 AM
I tested this on 9.1 abc^.def.com , The value on this field is invalid , Cant use ^ on the FQDN. Any other suggestion. Thanks
07-09-2021 11:17 AM
My bad, I thought you were talking about a fqdn within a URL object.
07-09-2021 01:40 PM
I was wondering if instead of creating 5 different FQDN objects abc1.def.com, abc2.def.com, abc3.def.com, abc4.def.com, abc5.def.com, I could create one to cover all 5 , abc*.def.com. So far I guess is not possible.
07-12-2021 05:06 AM
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!