Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
BlueMouse
New Contributor

Subdomains issue - Trying to limit to specific but all work

Hi,

We are trying to limit access to a specific sub domain by specifically whitelisting it via FQDN, as we might want to allow other sub domains at a later date. However all sub domains are being allowed through. For example:

 

Allowed:

hat.somedomain.com

 

However all sub domains such as:

coat.somedomain.com

scarf.somedomain.com

Still work.

 

All sub domains share the same IP address, and I have been advised that this might be the problem. Is this normal behavior? This is an initial sanity check to make sure I am not missing a fundamental.

 

Thanks

 

Paul

2 REPLIES
rwpatterson
Valued Contributor III

Welcome to the forums.

 

Have you tried using regular expressions to craft the name?

 

^hat.somedomain.com$

 

That forces it to start with 'hat', and end with '.com'. Removing the trailing dollar sign will allow it to end with anything.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

BlueMouse

Hi,

 

Thank you for the suggestion and happy to be here :) ^ cannot be used with FQDN. One of my guys says there is nothing that can be done with this because all subdomains resolve to the same IP address.

 

At the end of the day all I want to do is allow access to hat.somedomain.com but block access to all other subdomains.

 

Any other suggestions on the best approach? Happy to explore outside of FQDN?
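
An added illustration (not part of any post in this thread, and not FortiOS code): a simplified Python model of the behaviour discussed above, where an FQDN address object is resolved to IP addresses and matched on destination IP, next to a check on the host name the client actually requests. The DNS table, the 203.0.113.10 address and all function names are constructed for this example.

```python
from dataclasses import dataclass

# Constructed DNS data: every subdomain shares one address (documentation range).
DNS = {
    "hat.somedomain.com": {"203.0.113.10"},
    "coat.somedomain.com": {"203.0.113.10"},
    "scarf.somedomain.com": {"203.0.113.10"},
}

@dataclass(frozen=True)
class Connection:
    requested_host: str  # name the client asked for (e.g. TLS SNI or HTTP Host)
    dst_ip: str          # address that actually appears in the packet header

def connect(host):
    """Client resolves the name, then opens a connection to the resulting IP."""
    return Connection(host, sorted(DNS[host])[0])

def fqdn_object_allows(fqdn, conn):
    """Model of an FQDN address object: resolved to IPs, matched on dst IP only."""
    return conn.dst_ip in DNS.get(fqdn, set())

def hostname_rule_allows(allowed_host, conn):
    """Model of a name-based control: exact match on the requested host name."""
    return conn.requested_host.lower().rstrip(".") == allowed_host.lower()

def evaluate(allowed="hat.somedomain.com"):
    """Return {host: (allowed_by_fqdn_object, allowed_by_hostname_rule)}."""
    results = {}
    for host in DNS:
        conn = connect(host)
        results[host] = (fqdn_object_allows(allowed, conn),
                         hostname_rule_allows(allowed, conn))
    return results

if __name__ == "__main__":
    for host, (by_ip, by_name) in evaluate().items():
        print(f"{host:24} fqdn-object={by_ip!s:5} hostname-rule={by_name}")
```

Because the packet carries only the destination IP, the IP-based match cannot tell the three names apart; only a control that inspects the requested name separates `hat` from `coat` and `scarf`.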
