Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
drivesafely
New Contributor

Allow specific full url in fortigate

Hello All,

In Fotigate firewall, can someone guide how can we allow a specific full/exact URL as below only,

https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css

Thanks,

 

11 REPLIES 11
drivesafely

@ezhupa 

After creating the Web filter as desired, i shall create a policy for it. Can you please guide on the policy, as well?

Source: Devices to be allowed.

Destination: All?

Service: HTTPS

Action: ACCEPT or DENY ?

Webfilter: Select the one i created.

SSL inspection: certificate-inspection.

 

Thanks,

ezhupa

Hello

Destination in this case can be all since nevertheless you will block everything through UTM and will filter by source to the specific subnet you want this rule to apply.

Service I would suggest "ALL"

Action would of course be accept in order to allow the traffic to traverse the device. 

Inspection: certificate inspection if you want to only check the SNI on the certificate of the website
deep inspection if you want the traffic to be decrypted and the payload to be inspected as well. This will generate an error into the browser if the cert is not added into the trusted CA of the browser itself.

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors