https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104055#M10134 <P>Hello guys,</P><P>I'm looking to allow access to office 365 URLs, but having problem to allow access to wildcard objects, like *.outlook365.com etc.</P><P>I came across this article -&nbsp;<A href="https://community.checkpoint.com/t5/Next-Generation-Firewall/White-Paper-Implementing-Non-FQDN-Domain-Objects/td-p/57743" target="_blank">https://community.checkpoint.com/t5/Next-Generation-Firewall/White-Paper-Implementing-Non-FQDN-Domain-Objects/td-p/57743</A></P><P>Unfortunately it doesn't work for me. I can allow access to specific domain, but now to wildcard objects.</P><P>What possibly I'm doing wrong?</P><P>Should I have URL filtering or application control in order to be able to allow wildcard access?</P><P>&nbsp;</P><P>Our current version is R80.10</P><P>&nbsp;</P><P>Thanks!</P> Wed, 02 Dec 2020 20:32:06 GMT Shurik 2020-12-02T20:32:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104055#M10134 <P>Hello guys,</P><P>I'm looking to allow access to office 365 URLs, but having problem to allow access to wildcard objects, like *.outlook365.com etc.</P><P>I came across this article -&nbsp;<A href="https://community.checkpoint.com/t5/Next-Generation-Firewall/White-Paper-Implementing-Non-FQDN-Domain-Objects/td-p/57743" target="_blank">https://community.checkpoint.com/t5/Next-Generation-Firewall/White-Paper-Implementing-Non-FQDN-Domain-Objects/td-p/57743</A></P><P>Unfortunately it doesn't work for me. I can allow access to specific domain, but now to wildcard objects.</P><P>What possibly I'm doing wrong?</P><P>Should I have URL filtering or application control in order to be able to allow wildcard access?</P><P>&nbsp;</P><P>Our current version is R80.10</P><P>&nbsp;</P><P>Thanks!</P> Wed, 02 Dec 2020 20:32:06 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104055#M10134 Shurik 2020-12-02T20:32:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104056#M10135 <P>Best solution would be an update to a newer version and using updatables object.</P> <P><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk135572" target="_blank" rel="noopener">Microsoft Office 365 objects as Network Objects in R80.20 and above</A>&nbsp;</P> <P>Wolfgang</P> Wed, 02 Dec 2020 20:43:59 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104056#M10135 Wolfgang 2020-12-02T20:43:59Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104057#M10136 <P>Non-FQDN domain objects don’t work in practice because reverse DNS on the relevant IP addresses rarely works.<BR />We have Updatable Objects in R80.20+ that can be used to allow access to Office 365 without implementing App Control.<BR />You can also do it with App Control but you should really upgrade to R80.30+ for the improved SNI support in HTTPS traffic (will improve App Control/URLF detection overall as well).<BR />Also, R80.10 is nearing its End of Support date, so you have plenty of reasons to upgrade.</P> Wed, 02 Dec 2020 20:45:41 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104057#M10136 PhoneBoy 2020-12-02T20:45:41Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104062#M10137 <P>Thanks! That's a cool option <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P>Any known performance issues with&nbsp;<SPAN>updatable&nbsp;objects?</SPAN></P> Wed, 02 Dec 2020 21:34:04 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Outbound-wildcard-objects/m-p/104062#M10137 Shurik 2020-12-02T21:34:04Z