FMC Rule to allow HTTPS connectivity to FQDNs

Good Morning Team,

I'm trying to allow HTTPS traffic sourced from an internal server in our DMZ to FQDNs using a rule applied to our current ACP running on our FTDs. Here is the following rule:

Source

Zone (object DMZ)

NET (Object (Server IP))

Port (Type: Port / Value TCP: 443)

Destination

ZONE (Corp - Outside)

Port (TCP:443)

URL (Listed FQDNs)

Should I have a network listed in the destination as well?

Thanks in Advance,

James 

 

1 Accepted Solution


Marvin Rhoads
Hall of Fame

URL rules with FQDNs do not require a network address. Note however that for them to work consistently, the DNS server used by the firewall should match that being used by the clients. We can sometimes see differing lookup results when they don't match. Even when they do, varying DNS cache timeouts and use of CDNs by the hosting provider can sometimes cause issues.
