Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Nihas
New Contributor

URL Filtering _ Custom URL _ Basic Doubts.

Hi Friends,

Can you please help me to  understand how the custom URL works in fortigate?

I have a scenario like below , please help.

 

1.  https://prod.company.com/sitea  --- Allow   ( IP 201.201.201.201)

2.   http://dev.company.com:9898/sitea -- Allow 

( Only these 2 above sites needs to be allowed from the highly protected network)

Rest all including ,

3. https://prod.company.com          ( IP 201.201.201.201)

4. http://company.com 

5. http://dev.company.com 

6.  "*.company.com" should be blocked at our end. But the challenge here is both allow and deny URL's having same IP. In such scenario how does a brilliant Fortigate take a decision? 

 

Questions..

1. Basically how does a fortigate determines a http & https traffic belongs to a particular category / URL filter?

1.a  - Which field of packets does it inspect to get the details ( CN / SNI / ?? )

 

2. How can I create a URL filtering profile for the above scenario? Will the below work?

            https://prod.company.com/sitea  -- simple - allow

            http://dev.company.com:9898/sitea --- simple --allow

             *.*  -- wildcard -- Block

 

Thank You in advance.. :)

Nihas

 

Nihas [\b]
Nihas [\b]
1 REPLY 1
Nihas
New Contributor

 

 

1. Does Fortigate send the request to Fortigurad service for each http & https request?

2. Which part of packet does it consider for the inspection ? CN or http header or SNI or IP ?

3. How does it take a decision if both allow & deny URL's are configured in a same IP?

 

Nihas [\b]
Nihas [\b]
Labels
Top Kudoed Authors