I am setting up a new Fortigate 200D on 5.2.3
I need to restrict internet access to a small number of sites.
In the past I have done this 2 different ways:
1. Custom Categories
2. URL filter
Which way is generally more efficient and are there any pros or cons to either method ?
Jeff
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
If you have a huge number of websites to block and that list is common for all the webfilter profiles (if you have too many) , then it is good to go for "custom category" where ,you can put all the urls in the custom category and block that category in all the profile.
In this scenario url filter is not advisable because, you need to go to each webfilter profile and add the huge number of blocked website entries every time.
If you have a less number of blocked websites and list is different for all the webfilter profiles, it is advisable to go for url filter.
Hi Jeff,
Url filter is more flexible in use compare to Category override .
With Url filter you can configure simple fqdn, wildcard and regex pattern to match in a URI which is not possible with category override. Category override can only take host part of fqdn as a entry .
You can also use same url filter table in multiple web filtering profile . Although this can only be done from CLI with single line command.
Thanks,
Anirudh
NSE4 JNCIP-SEC JNCIP-ENT
Can you elaborate on how you can use the same url filter in multiple profiles ? This could be very good for me.
Hi There,
In order to apply the same urls on the different web filter profile you need to do the following.
> Configure the url under the following webfilter settings.
#config webfilter urlfilter #edit <urlfilter_table_id> #set name <name_of_url> #end
> Apply that url or urlfilter_table_id on the web filter profile.
#config webfilter profile #edit <profile_name> #config web #set urlfilter-table <urlfilter_table_id> #end
Similarly, you can configure other urls or bulk urls for your configuration and then copy & paste the same urls configured on one web filter profile to different webfilter profile through the following cli commands.
Thanks & Regards,
Inder Dhand
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.