This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Gaurav_Pandya
Advisor
2 weeks ago
Jump to solution

traffic allowed for URL filtering category blocked websites

Hi Mates,

We have odd issue with URL filtering. We have blocked some categories but still we are able to access websites which belong to those categories. Interestingly log and capture shows connection is rejected but still users are able to access those websites.

For example, we have blocked category "Weapon", but we can access https://winchesterguns.com or https://browning.com 

 

URL filtering log.PNG

 

We have set mode "Hold" in URL filtering setting, but issue still persist.

Thanks in advance.

 

 

0 Kudos
2 Solutions

Accepted Solutions
Chris_Atkinson
Employee Employee
Employee
2 weeks ago
Jump to solution

1. Please check if sk182318 applies?

2. Do you block QUIC traffic in the environment?

3. Is SSL inspection enabled here?

4. Which version & JHF?

 

CCSM R77/R80/ELITE

View solution in original post

Gaurav_Pandya
Advisor
2 weeks ago
In response to Chris_Atkinson
Jump to solution

Hi Chris,

sk182318 did the trick. We were on R81.10 take 139 and upgraded to take 150 which include fix of TLS1.3 hybridized kyber support. First, we tested by disabling TLS1.3 hybridized kyber support on browser and it worked. Thanks for your help

@the_rock - Thanks for doing all efforts. We dont have ssl inspection enable but sk182318 resolved issue.

View solution in original post

5 Replies
Chris_Atkinson
Employee Employee
Employee
2 weeks ago
Jump to solution

1. Please check if sk182318 applies?

2. Do you block QUIC traffic in the environment?

3. Is SSL inspection enabled here?

4. Which version & JHF?

 

CCSM R77/R80/ELITE
Gaurav_Pandya
Advisor
2 weeks ago
In response to Chris_Atkinson
Jump to solution

Hi Chris,

sk182318 did the trick. We were on R81.10 take 139 and upgraded to take 150 which include fix of TLS1.3 hybridized kyber support. First, we tested by disabling TLS1.3 hybridized kyber support on browser and it worked. Thanks for your help

@the_rock - Thanks for doing all efforts. We dont have ssl inspection enable but sk182318 resolved issue.

the_rock
Legend
Legend
2 weeks ago
In response to Gaurav_Pandya
Jump to solution

Excellent.

0 Kudos
the_rock
Legend
Legend
2 weeks ago
Jump to solution

I see what Chris is saying. I am willing to bet if you dont ssl inspection enabled, this will never work. Let me test it in the lab and will resport back here.

Andy

0 Kudos
the_rock
Legend
Legend
2 weeks ago
Jump to solution

As I suspected, works 100% as it should with ssl inspection enabled. See below in my lab.

Andy

Screenshot_1.png

 

 

Screenshot_2.png

 

 

Screenshot_3.png

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events