Explicit web proxy firewall address URL patterns

Explicit web proxy firewall address URL patterns

You can add URL pattern addresses and address groups to control the destination URLs that explicit proxy users can connect to. To add a URL pattern to go to Policy & Objects > Addresses, select Create New and set the Type to URL Pattern (Explicit Proxy). Add a URL or URL pattern that defines the URL or URLs that explicit proxy users should be limited to. Set the Interface to any.

 

For example to limit access to a single website:

www.fortinet.com

 

To limit access to websites from the same domain:

google.com

 

To limit access to a part of a website:

www.apple.com/ipad/

 

To add a URL pattern group, create several URL pattern addresses then go to Policy & Objects > Addresses, select Create New > Group and add URL patterns to the address group.

Then when creating explicit web proxy policies, select the URL pattern addresses or groups as the destination address.

 

URL patterns and HTTPS scanning

For HTTPS traffic, URL patterns can only be matched up to the root path. For example, consider the following URL pattern:

www.apple.com/ipad/

 

If a proxy user browses using HTTP, this URL pattern limits their access the iPad pages of www.apple.com. However, if a proxy user browses using HTTPS, they will be able to access all pages on www.apple.com.


Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Don't Forget To Buy Your Fortinet Hardware From The Fortinet GURU

Leave a Reply

Name *
Email *
Website

This site uses Akismet to reduce spam. Learn how your comment data is processed.