Hello,
with FortiOS 5.2.9 is see wildcard FQDN address is not supported. What I need to do is create a policy which deny all except (for example) *.google.com. I could create a webfilter profile with a static wildcard url filter and then assign it to the ipv4 policy maybe ? but how can I deny all the other traffic ?
Thanks
Hi
With URL filter :
- *.google.com :exempt
- * : deny
Lucas
Thanks Lucas,
that is also what I was thinking to do with a url filter deny * in web filter profile (other then exempted ones). Another question is if exempting google or lets suppose any other site, even malicious ones, does it means that those sites are totally exempted even though for example included in a not allowed category in the same web filter profile ?
Hello Baboda,
>>Another question is if exempting google or lets suppose any other site, even malicious ones, does it means that those sites are totally exempted even though for example included in a not allowed category in the same web filter profile ?
Yes, it will be exempted from the FortiGuard categories too.
HoMing
Thanks a lot, just the last question is what in url filter the "monitor" action difference to "exempt" or "allow" ones.
Perfect! thanks a lot :)
User | Count |
---|---|
2677 | |
1412 | |
810 | |
703 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.