Configure URL-filter in the USG for UTM Demo

Publication Date:  2012-07-22 Views:  834 Downloads:  0
Issue Description
1,How to do a UTM demo for customer
2,How to configure the URL-filter in USG
3,How to test the URL-filter demo result.
Alarm Information
None.
Handling Process
Configure the USG2200 as follows:
Step 1Set the IP addresses of the interfaces, define routing polices, and add routes to the routing table.
interface GigabitEthernet0/0/0
ip address 192.168.0.1 255.255.255.0
interface GigabitEthernet0/0/1
ip address 10.1.1.1 255.255.255.0
firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
firewall zone untrust
set priority 5
add interface GigabitEthernet0/0/2 
firewall policy interzone trust untrust outbound
policy 1
policy source 10.1.1.0 mask 24
action permit
Step 2 Configure a URL-filter in USG2200.
Step 1
Build a Blacklist for Keyword matching HTTP Server ip address “192.168.0.2”

 Step 2
Build a policy name “urltest” for URL filter

Step 3
Enable URL default policy and apply it

Step 4
Enable URL-filter in firewall public policy and apply it

 Step 3     TestStep 1
Input the ip address “192.168.0.2” in HTTP client and browse it

Step 4     Demo effect

Root Cause
Networking in lab environment:
As shown in the following figure, USG firewall have separated two networks.One is 10.1.1.0/24,another is 192.168.0.0/24.The demo is HTTP Client browse from the HTTP server,the website ip address is “192.168.0.2”.If enabling URL-filter in USG, it can block it.The customer can browse the website “192.168.0.2” form USG.

Suggestions
None.

END