topic FTD does not block sites based on URL rule in Network Security https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925007#M1104309 <P>Hello everyone,</P><P>I got an issue with FTD filtering based on URL rules (predefined categories).</P><P>I have some rules that blocks sites with adult content, gambling, video games and other categories:</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="apasat_0-1695042753946.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/197545i706EB2CB9478AF25/image-size/medium?v=v2&amp;px=400" role="button" title="apasat_0-1695042753946.png" alt="apasat_0-1695042753946.png" /></span></P><P>&nbsp;</P><P>Some of sites are blocked and I got&nbsp;<SPAN>ERR_CONNECTION_RESET, so it's working fine, but a lot of websites are still accessible, even if Connection Events says it's blocked based on ACP:</SPAN></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="apasat_1-1695042861200.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/197546iDA6BD39895BC59A6/image-size/medium?v=v2&amp;px=400" role="button" title="apasat_1-1695042861200.png" alt="apasat_1-1695042861200.png" /></span></P><P>I made a rule for this website in screenshot based on it's URL, but it's still working. After this, I banned it's IP addresses, and it stopped working (rule worked fine).</P><P>Can someone explain me why FTD does not block websites, but sends logs that it's blocking?</P><P><SPAN>&nbsp;</SPAN></P><P>&nbsp;</P> Mon, 18 Sep 2023 13:25:17 GMT apasat 2023-09-18T13:25:17Z FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925007#M1104309 <P>Hello everyone,</P><P>I got an issue with FTD filtering based on URL rules (predefined categories).</P><P>I have some rules that blocks sites with adult content, gambling, video games and other categories:</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="apasat_0-1695042753946.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/197545i706EB2CB9478AF25/image-size/medium?v=v2&amp;px=400" role="button" title="apasat_0-1695042753946.png" alt="apasat_0-1695042753946.png" /></span></P><P>&nbsp;</P><P>Some of sites are blocked and I got&nbsp;<SPAN>ERR_CONNECTION_RESET, so it's working fine, but a lot of websites are still accessible, even if Connection Events says it's blocked based on ACP:</SPAN></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="apasat_1-1695042861200.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/197546iDA6BD39895BC59A6/image-size/medium?v=v2&amp;px=400" role="button" title="apasat_1-1695042861200.png" alt="apasat_1-1695042861200.png" /></span></P><P>I made a rule for this website in screenshot based on it's URL, but it's still working. After this, I banned it's IP addresses, and it stopped working (rule worked fine).</P><P>Can someone explain me why FTD does not block websites, but sends logs that it's blocking?</P><P><SPAN>&nbsp;</SPAN></P><P>&nbsp;</P> Mon, 18 Sep 2023 13:25:17 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925007#M1104309 apasat 2023-09-18T13:25:17Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925056#M1104314 <P>If you looking to Block ( select Block) rather Block with reset</P> <P>more informaion explained here block and block with reset (other options)</P> <P><A href="https://rayka-co.com/lesson/ftd-access-control-policy/" target="_blank">https://rayka-co.com/lesson/ftd-access-control-policy/</A></P> Mon, 18 Sep 2023 14:49:25 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925056#M1104314 balaji.bandi 2023-09-18T14:49:25Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925680#M1104365 <P>I've tried both ways, but the sites are still available, although in connections events I see that it have been blocked based on rule (for example Gambling)</P> Tue, 19 Sep 2023 11:05:05 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925680#M1104365 apasat 2023-09-19T11:05:05Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925690#M1104367 <P>Could it be the sites you tested were cached on the endpoint you tested from? if you try to ping one of those URL's would you get any responses?</P> Tue, 19 Sep 2023 11:24:41 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925690#M1104367 Aref Alsouqi 2023-09-19T11:24:41Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925702#M1104369 <P>I've accessed these pages from many workstations, also cleared cache. And yes, I get icmp responses, also telnet on 80/443 is ok. So, FTD does not block traffic</P> Tue, 19 Sep 2023 11:39:12 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925702#M1104369 apasat 2023-09-19T11:39:12Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925721#M1104372 <P>Add dns server IP to ftd' make sure ftd can resolve the ip.</P> Tue, 19 Sep 2023 12:15:33 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925721#M1104372 MHM Cisco World 2023-09-19T12:15:33Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925748#M1104377 <P>There's already DNS servers. The problem is that some of sites are blocked, and some are not,&nbsp;<SPAN>although in connections events I can see that FTD kind restricted access (it didn't).</SPAN></P> Tue, 19 Sep 2023 12:51:58 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925748#M1104377 apasat 2023-09-19T12:51:58Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925762#M1104378 <P>Some sites block some not'&nbsp;</P> <P>Check site allow is bypass by prefilter acl or it already have conn.</P> <P>If it have conn try clear conn and check again.</P> Tue, 19 Sep 2023 13:09:50 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925762#M1104378 MHM Cisco World 2023-09-19T13:09:50Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925793#M1104380 <P>I've just accessed 1xbet.com (gambling site), it works fine, but conn events says that it's blocked (and one line that it's uncategorized and allowed).&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="apasat_0-1695131717846.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/197693i8028D81DC559B86F/image-size/medium?v=v2&amp;px=400" role="button" title="apasat_0-1695131717846.png" alt="apasat_0-1695131717846.png" /></span></P><P>&nbsp;</P><P>&nbsp;</P> Tue, 19 Sep 2023 13:57:50 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4925793#M1104380 apasat 2023-09-19T13:57:50Z Re: FTD does not block sites based on URL rule https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4926529#M1104419 <P>Dumb question..&nbsp; Did you deploy?</P> Wed, 20 Sep 2023 12:11:25 GMT https://community.cisco.com/t5/network-security/ftd-does-not-block-sites-based-on-url-rule/m-p/4926529#M1104419 obrien2010 2023-09-20T12:11:25Z