05-22-2019 07:23 AM - edited 02-21-2020 09:09 AM
At My Edge Firewall ( Firepower 8350 ) there is a Firewall rule where I am allowing ANY Internet Traffic reaching to One of my Public IP on Http and Https port.
Right Now I want to allow traffic from Certain Domain to be allowed to come in to my Public IP not from WHOLE Internet World. For example I want to allow incoming traffic to my Public IP from below domains.
https://*.cnn.com
https://*.bbc.com
http://*.ctv.com
https://*.blob.core.windows.net
Note that in my Edge Firewall I have URL Filtering License, is it possible that I can allow these URL's in the ACL to filter the traffic only from above domains ? does it work that way ?
Solved! Go to Solution.
05-23-2019 05:14 AM
If it's a well known public service, the vendor sometimes documents their public IPs and keeps that documentation up-to-date. For instance, Microsoft does this for Office 365.
For less common domains, you're right. If it's a vendor that you partner with you can possibly arrange a private feed of their addresses and get updated when they change.
05-22-2019 07:49 AM
URL filtering only works by analyzing destination URLs.
If you want to restrict source domains, you would need to know their associated IP addresses and restrict based on those. You would put them in a network object and use it as the source in your Access Control Policy rule.
05-22-2019 09:21 AM
Problem of using the IP address is IP's are always changing and easy to get blocked when new IP Addresses are updated for those domains. What you say ?
Is there any other thoughts Marvin ?
05-23-2019 05:14 AM
If it's a well known public service, the vendor sometimes documents their public IPs and keeps that documentation up-to-date. For instance, Microsoft does this for Office 365.
For less common domains, you're right. If it's a vendor that you partner with you can possibly arrange a private feed of their addresses and get updated when they change.
05-24-2019 03:13 PM
Thank You Marvin...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide