No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

URL category filter function of USG6320 doesn't work on V5R1C30 version

Publication Date:  2018-03-09 Views:  94 Downloads:  0
Issue Description

customer has defined security rules to access internet in which restricted URL’s are blocked but users have reported that they are still able to access them instead of being put them under blocked category.

Handling Process

1. As customer tested the website “www.torrentdownloads.me”, it is resolved by firewall that is HTTPS traffic.
2. For the HTTPS traffic, need to configure SSL decryption for the FW to implement URL filtering on decrypted HTTP traffic.

Root Cause

Because the website is HTTPS traffic and some websites aren’t in the URL category of firewall, need add them in blacklist.

Solution

1. Configure SSL decryption certificate, then import and install the trusted certificate on intranet PC.
    a) Generate certificate as follows:

    b) Then you can see the certificate as follow, then download it and send it to every PC which you want to block

    c) Install the certificate on every PC with Trusted Root Certification Authorities

2. Configure proxy policy to decrypt HTTPS traffic.

3. Then commit and save the changed configuration.


Ø  After configuring SSL decryption, if you still find that there are some website cannot be blocked, you can check if the website is contained in the URL category. You can check it by below guide:

For example:  the website “www.torrentdownloads.me”, it isn’t contained in the URL category,

Then need add the website in blacklist to block, if you cannot distinguish the website is URL or host, you can add it in blacklist of both URL and host.

As long as there is no search for website in the URL category, you need to make it to be blocked by adding blacklist.



 

 

END