URL Filtering in FTD

Himanshu_Dwivedi · ‎02-20-2023

I am facing issue in FTD 1120 while configuring URL Filtering, I have setup rules using FDM with Any Any. For Testing I have allowed Full Internet Access for particular Network and I am able to browse full internet without any issue, but as soon as I add URL in ACP all the websites are blocked and unable to access internet. Can anyone help me on this

Software Version : 7.0.1-84

Note : Firewall is under Evaluation, I know it will required Add on license, but I want to know that will be be covered in Evaluation Period.

Herald Sison · ‎02-20-2023

have you tried creating 2 ACP's as follows?:

1) ACP with url filtering

2) ACP with any any

Try this and let me know if it works.

Himanshu_Dwivedi · ‎02-20-2023

Means

1. ACP with URL Filtering : Allow?

2. ACP with any any : Allow or Deny.

I have done below and after processing I am able to open all the websites, I want only to access to URL allowed in Rule no. 1 rest all to be blocked.

manabans · ‎02-20-2023

Manual URL Filtering
You can supplement or selectively override category and reputation-based URL filtering by manually filtering individual URLs or groups of URLs. You can perform this type of URL filtering without a special license.

For example, you might use access control to block a category of web sites that are not appropriate for your organization. However, if the category contains a web site that is appropriate, and to which you want to provide access, you can create a manual Allow rule for that site and place it before the Block rule for the category.

Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/70/fdm/fptd-fdm-config-guide-700/fptd-fdm-access.html#concept_BA45929BE1D543DAA1738FE58F5E4C0C