Trbonja
New Contributor

URL in firewall rules

I'd like to create firewall rules/policies based on URL, not the IP.

Example:

- DMZ or LAN Server-one can access only abcdefg.com 

- DMZ or Server-two can access only gfedcba.com

Thank you,

T

Harbib
Staff

Hello Trbonja,

You will have to create an FQDN address and apply that address in your firewall policy.

https://docs.fortinet.com/document/fortigate/6.2.0/new-features/329154/support-for-wildcard-fqdn-add...

Good luck.

Trbonja
New Contributor

Thank you!

T

pavankr5
Staff

Hello @Trbonja,

To create firewall rules or policies based on URLs rather than IP addresses, you need to generate an FQDN address and then incorporate it into your firewall policy.

https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/217973/using-wildcard-fqdn-a...

Thanks

Pavan

YBKruthi
Staff

Hi @Trbonja,

To allow the traffic you need to create a Firewall policy.

Within the Firewall policy you can create an FQDN object with the specific URL as per your requirement.

Ensure you define the right source and destination in the order of preference for the policy hits.

This should work.

Thanks,

Kruthi

mgoswami
Staff

Hi,

For creating policies for destination URLs, you may create an FQDN and use the FQDN on the policy. You may refer to this link for the same:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-wildcard-FQDN/ta-p/196118

BR,

Manosh
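
The steps the replies describe (an FQDN address object used as the destination of a firewall policy), written out as an added FortiOS CLI example that is not from any of the posters or from Fortinet's documentation. The interface names (`dmz`, `wan1`), the server IP addresses and the object and policy names are assumptions; the two domains are the ones from the question.

```fortios
# Constructed example: server IPs, interface names and object names are assumptions.
config firewall address
    edit "Server-one"
        set subnet 10.10.10.11 255.255.255.255
    next
    edit "Server-two"
        set subnet 10.10.10.12 255.255.255.255
    next
    edit "fqdn-abcdefg"
        set type fqdn
        set fqdn "abcdefg.com"
    next
    edit "fqdn-gfedcba"
        set type fqdn
        set fqdn "gfedcba.com"
    next
end

config firewall policy
    # "edit 0" creates each policy with the next free policy ID.
    edit 0
        set name "Server-one-to-abcdefg"
        set srcintf "dmz"
        set dstintf "wan1"
        set srcaddr "Server-one"
        set dstaddr "fqdn-abcdefg"
        set action accept
        set schedule "always"
        set service "HTTP" "HTTPS"
        set nat enable
    next
    edit 0
        set name "Server-two-to-gfedcba"
        set srcintf "dmz"
        set dstintf "wan1"
        set srcaddr "Server-two"
        set dstaddr "fqdn-gfedcba"
        set action accept
        set schedule "always"
        set service "HTTP" "HTTPS"
        set nat enable
    next
end
```

The FortiGate matches these policies on the IP addresses it resolves for each FQDN, so the unit needs working DNS. Traffic from either server to any other destination falls through to the implicit deny only if no broader allow policy for those sources exists elsewhere in the policy list.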
