Wildcards in URL filtering for SSL-decrypt bypass

L1 Bithead

OK, so this is driving me mad and I'm obviously missing something.

I've created a custom URL category in which I wish to drop URLs that will bypass SSL decryption.  In this I want to use wildcards, so that all sites for a particular company can be bypassed.

For the sake of example, let's say the site I want to get to unencrypted is https://www.microsoft.com

In the URL category I've added *.microsoft.com using the wildcard EXACTLY as documented in the URL_Categorzation_PANOS-RevC.pdf document posted on this site.

The custom URL category is then referenced in a rule in my Decryption policy, with action no-decrypt and type ssl-forward-proxy set appropriately.

Everything has then been committed back to the PANOS firewall.

Result?  URLs matching the wildcard are still being decrypted.  The firewall is completely ignoring the bypass rule.

Anyone got any idea why?  The CLI "Test" command doesn't even recognise my custom URL categories, so that's no help.

Firewall is running 5.0.5

Thanks in advance

L7 Applicator

Hello Sir,

Try to add

*.microsoft.com

*.microsoft.*

*.microsoft.*/

*.microsoft.*/*


Please go through the discussion and documents mentioned below; I hope they will help you.

Controlling SSL Decryption

Thanks
