Hi Friends,
Can you please help me to understand how the custom URL works in fortigate?
I have a scenario like below , please help.
1. https://prod.company.com/sitea --- Allow ( IP 201.201.201.201)
2. http://dev.company.com:9898/sitea -- Allow
( Only these 2 above sites needs to be allowed from the highly protected network)
Rest all including ,
3. https://prod.company.com ( IP 201.201.201.201)
6. "*.company.com" should be blocked at our end. But the challenge here is both allow and deny URL's having same IP. In such scenario how does a brilliant Fortigate take a decision?
Questions..
1. Basically how does a fortigate determines a http & https traffic belongs to a particular category / URL filter?
1.a - Which field of packets does it inspect to get the details ( CN / SNI / ?? )
2. How can I create a URL filtering profile for the above scenario? Will the below work?
https://prod.company.com/sitea -- simple - allow
http://dev.company.com:9898/sitea --- simple --allow
*.* -- wildcard -- Block
Thank You in advance.. :)
Nihas
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
1. Does Fortigate send the request to Fortigurad service for each http & https request?
2. Which part of packet does it consider for the inspection ? CN or http header or SNI or IP ?
3. How does it take a decision if both allow & deny URL's are configured in a same IP?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1665 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.