02-22-2023 01:23 AM
Hi everyone,
I'm trying to whitelist Facebook from Social Networking by creating the above rule to allow it, but it didn't work. Although the ACL has been hit, the webpage can't load. I'm thinking of using a wildcard mask, like "*facebook.com", but it seems like it doesn't work on Cisco Firepower. Is there any other method that I can try? Appreciate the help.
I have attached some pictures for reference.
03-13-2023 06:04 AM - edited 03-13-2023 06:05 AM
Hi Horusmax,
When you apply a URL-based ACL, it will allow only facebook.com and it won't allow any Facebook supporting URL. Currently static.xx.fbcdn.net is a supporting URL for Facebook which needs to be allowed in the ACL. We would recommend you apply an Application-based ACL instead of a URL-based ACL. Please verify the Application-based ACL screenshot below.
But if you want to control the website based on URL control, then make sure you enter all supporting URLs for the particular website. For Facebook you need to allow 2 URLs:
2. static.xx.fbcdn.net
Hope the above answer helps you to resolve the issue.
-----------------------------------------
If you find my reply solved your question or issue, kindly click the 'Accept as Solution' button and vote it as helpful.
You can also learn more about Secure Firewall (formerly known as NGFW) through our live Ask the Experts (ATXs) session. Check out Cisco Network Security ATXs Resources [https://community.cisco.com/t5/security-knowledge-base/cisco-network-security-ask-the-experts-resources/ta-p/4416493] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs.
-----------------------------------------
Regards
Arunkumar
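The reply above says a URL-based rule must list every supporting host the page loads from. The following is an added example, not part of the thread or Cisco tooling: it compares hosts observed during a page load against the rule's URL entries and lists the ones still uncovered. The sample host list is constructed, and the substring matching rule in `matches` is an assumption to adjust to your platform.

```python
"""Added example: find hosts a page needs that a URL allow-list does not cover."""


def matches(host, entry):
    """Assumption: an entry matches when it occurs as a substring of the host.

    Replace this function if your firewall matches URL entries differently.
    """
    return entry.lower() in host.lower().rstrip(".")


def coverage_report(requested_hosts, allow_entries):
    """Return (allowed, uncovered).

    allowed   maps each covered host to the entry that matched it
    uncovered lists hosts no entry matched, in first-seen order
    """
    allowed, uncovered = {}, []
    for host in dict.fromkeys(requested_hosts):  # de-duplicate, keep order
        hit = next((e for e in allow_entries if matches(host, e)), None)
        if hit is not None:
            allowed[host] = hit
        else:
            uncovered.append(host)
    return allowed, uncovered


# Constructed sample: hosts a browser requested while loading the page,
# e.g. copied from the browser's network tab or firewall connection events.
OBSERVED = [
    "www.facebook.com",
    "static.xx.fbcdn.net",
    "www.facebook.com",
    "static.xx.fbcdn.net",
]

if __name__ == "__main__":
    # First the single-entry rule from the question, then the two entries
    # named in the reply.
    for entries in (["facebook.com"], ["facebook.com", "static.xx.fbcdn.net"]):
        allowed, uncovered = coverage_report(OBSERVED, entries)
        print("entries:", entries)
        print("  allowed:  ", allowed)
        print("  uncovered:", uncovered)
```

Any host left in `uncovered` is a candidate for a further URL entry, or a reason to switch to the application-based rule the reply recommends.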