cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
246
Views
2
Helpful
1
Replies

FMC URL filter rule priority

josef84
Level 1
Level 1

Hello, 

I have a situation where I have to create a URL filter, however, I'm not sure about the impact of the rule, or what order it should be processed in. 

1. There are 3 URL's that need to be accessed by a group of networks, ONLY these networks can access these URL's. By creating this rule, all other networks will be implicitly denied access to the URL, correct?

2. I have other networks that still need HTTPS access to other sites, but not the 3 URL's, will these networks be unaffected by the previous rule at the top of my policy? 

Thank you.

 

 

1 Accepted Solution

Accepted Solutions

@josef84 no, you would need a rule to explictly deny traffic to those 3 URLs higher up in the ruleset to deny access.

If you create a rule for a group of networks to access those 3 URLs, those networks would match that rule, any other network that does not match that rule will be processed by the remaining rules in access control policy. This may mean they are processed by the HTTPS rule you refer to.

View solution in original post

1 Reply 1

@josef84 no, you would need a rule to explictly deny traffic to those 3 URLs higher up in the ruleset to deny access.

If you create a rule for a group of networks to access those 3 URLs, those networks would match that rule, any other network that does not match that rule will be processed by the remaining rules in access control policy. This may mean they are processed by the HTTPS rule you refer to.

Review Cisco Networking for a $25 gift card