
URL blocking on the FMC

Knassi
Level 1

I have this problem blocking a list of URLs. I created an object in the security intelligence containing a list of URLs I want to block. When applied in the ACP and enabled, the FMC blocks all traffic, not just the URLs in the object. Has anybody experienced this before? My research led me to believe that since it is a DNS policy, the FMC is picking the domain and blocking every website associated with that domain. Like if I am blocking "arccounts-google.com", the firewall will block like google.com and every subdomain. Is that normal? How do I block a specific website like only "arccounts-google.com" and not block "google.com"?

Accepted Solutions

Amin Shahabuddin
Cisco Employee

Hi @Knassi,

 

You can try to configure the allow rule for the parent domain first (www.google.com) and then put the block rule for the sub-domain after that.
* The allow rule can be any, but with the block rule, make sure you specify the security zones and source/destination networks.

 

-----------------------------------------
If you find my reply solved your question or issue, kindly click the 'Accept as Solution' button and vote it as helpful.

You can also learn more about Secure Firewall (formerly known as NGFW) through our live Ask the Experts (ATXs) session. Check out Cisco Network Security ATXs Resources [https://community.cisco.com/t5/security-knowledge-base/cisco-network-security-ask-the-experts-resources/ta-p/Redacted Phone Number] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs.
-----------------------------------------
