Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Wurstsalat
New Contributor III

Created on ‎05-09-2017 04:02 AM

Best way Explicit Proxy with Authentication + URLs without Authentication

Hi there,

what do you think is the best way to Archive the following:

- Webtraffic should be authenticated, except for some defined URLs which should reachable for all People.

 

What i thought i am good to go with an explicit proxy rule

 

1. rule

src: internal lan

dst: any

Action: accept

webfilter: defined static URL filter to allow certain urls

2. rule

src: internal lan

dst: any

Action: authentication

 

But it seems it works like an firewall rule, while the traffic rule applies (dst: any) the rule applies and nothing is explicit forbidden everything is allowed. So how Archive this with an URL filter?

 

Because there are certain drawbacks to use FQDN adress rules (performance, dns spoofing and so on) we want to avoid it but dont know how.

 

Any ideas on this or cant we archive this with fortigate?

 

 

Labels:
5824
0 Kudos
0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.