Re: URL Category Block - Page 2

ssan239 · ‎05-11-2023

Hi Team,

May i know if we configure a Rule with certain unwanted URL Categories to Block on top of the rule base. Will it block only the categories and allow any other traffic from that rule?

Rob Ingram · ‎05-17-2023

@ssan239 I think it's unlikely you are hosting phishing or spyware servers? In which case don't use "any" as the Source Zone, it's inefficient (as mentioned previously). You probably want a rule from Inside to Outside for URL filtering. Then inbound traffic from a public IP addressing will not match the URL filtering rule and be processed by another rule.

ssan239 · ‎05-17-2023

Thank you Rob,

True, but we do have remote access VPN setup so this has been implemented as Any Source Zone.

ssan239 · ‎05-17-2023

Hi Rob,

So does it mean it will allow traffic from out to In using this rule? We have Remote Access VPN users coming from outside so implementing the URL category rule for them will also can cause the issue is it?

Sorry for being a pain but trying to get more knowledge to follow the best practice.

Rob Ingram · ‎05-17-2023

@ssan239 if you don't specify source/destination zone and/or network and just on URL category, then that rule will be processed from any direction (inside to outside and vice versa and any other interface). If you want to follow the best practice, then as stated before don't use "any", specify the source/destination, therefore there is no ambiguity.

ssan239 · ‎05-11-2023

Thank you Very Much Rob for the clear explanation 🙂