
FTD 6.2.2 URL filter not working as expected.

optonettech
Level 1

Hello

 

This is for one of our customers using an ASA 5516-X with FTD 6.2.2 managed by FDM.

I created an Access Control policy to block a custom URL (e.g. youtube.com) from inside to outside and kept it at the top, at position #1, with the allow-all policy next to it. After deployment, that rule blocked all traffic from inside to outside. I then dragged the block policy below the allow-all policy and deployed again, and then we were able to access the internet.

I faced this problem in version 6.2.3.4-42 when I reimaged the ASA, so I downgraded it to version 6.2.2-81 and tried the block policies; they were working fine. For some reason I removed the policy and created it again, and after deployment we are facing this problem.

I have attached the ACL snapshot for reference.

3 Replies

Your default action is block, i.e. it will block anything not explicitly allowed in the ACP.

Thank you, Mohammed.

Yes, the default action is block, but before that there is also an Inside-to-outside allow rule.
Is it not inspecting that rule?

Marvin Rhoads
Hall of Fame

That policy looks fine from the screenshot. I don't see why moving the YouTube rule up would block everything.

Did you check the CLI packet-tracer and/or firewall engine debug?

 

You might open a TAC case to have them look at it interactively with you.
