Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
124
Views
0
Helpful
0
Replies

FMC/FTD - Wildcard URL objects and use of the leading dot

atsukane
Level 3
Level 3

‎11-07-2025 02:11 AM - edited ‎11-07-2025 02:12 AM

Hi All,

I've asked a question a few days ago on this 4 year old post but unsurprisingly haven't had any response so starting a new post. 

We had a requirement to allow wildcard access to a remote SQL server over tcp/1433, as the host portion of the destination URL can change dynamically.

I've tested with 2 rules, one using a wildcard network FQDN object  in "subdomain.domain.com" format (no leading "dot ."), and another rule using a wild card URL object with the leading dot, both have port specified to tcp/1433. 

The rule with network FQDN object does not work, but the rule with URL object is working fine.

Use of the leading dot in wildcard URL object was suggested by Rokib Hasan in this post Solved: Using wildcard in URL filtering - Cisco Community  

I then came across another post Wildcard domain matching on the FTD - Cisco Community  which is suggesting not to use the leading dot, so as a test I've removed the leading dot from the URL object, and confirmed the rule still works.

Gemini is telling me to use the leading dot

I haven't found an official doc from Cisco detailing the use of wildcard URL yet, and I'm pretty confused of the significance of the leading dot. 

atsukane_0-1762510006151.png

Thanks,

 

 

 

 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card