06-30-2022 01:58 PM
Hi, I'm configuring some filtering rules in a firepower and it's not filtering my traffic.
I really don't know if it's because of a license issue or I have some bad configuration.
This is a lab that I am doing with an IOS that I downloaded from the Cisco page, and it has a 90-day license.
06-30-2022 04:15 PM
Hello, with evaluation licenses you can use all features as long as they do not expire.
Regarding the rules that you have configured, I see that you want to do it for a specific URL. Could you show the config of those URLs?
In the Analysis and events section you can verify why it is not working as expected, that is, if it is matching another rule or if you are missing something.
07-01-2022 05:48 AM
Hello, if I am actually trying to filter by URL, I will show you the rules.
In the events I do not see that it is blocking anything.
07-01-2022 06:27 AM
07-01-2022 07:07 AM
As @Mohammed al Baqari noted, make sure you first turn on logging (to FMC) for your rules.
Also make sure the FTD devices have a valid DNS configuration to allow them to resolve the IPs of the URLs. That's necessary in order to block the URLs since the client requests will be for traffic to a given IP - not a URL - in the body of the traffic.