I am cleaning up my policy rules and wondering if an asterisk can be used in an ACP? I have read this post but it is from several years ago and not sure if it is still an issue:
I have seen * in SSL Decruption policies and it worked fine. For URL filtering rule, can do test shortly if some else didnt configure it recently :)
Wildcards are not supported in the ACP. However, for URL objects, an empty space equals any character, like a wildcard. Eg: cisco.com value will match www.cisco.com and also match www.sanfrancisco.com On the other hand, if you wanted to match on only cisco.com, then you can use .cisco.com or www.cisco.com
I hope this helps!
Thank you for rating helpful posts!
Is it best practice to use a . for matching subdomains?
Would cisco.com in the acp whitelist policy whitelist:
.cisco.com would I think prevent the above from whitelisting the above site.
Firepower does support wildcard, but not this format like (*.microsoft.com) rather it support (.microsoft.com) format. You can create a URL object with value (.microsoft.com) for blocking all microsoft.com domain, it will block for support.microsoft.com/www.update.microsoft.com/or any other sub domain before .microsoft.com. So use dot(.) instead of asterisk(*) it will work fine. I am testing it in production environment.