Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ledesgagnes
Explorer

Unable to allow a URL via WIFI but works from Ethernet

Hi,

To put in place a context, I am replacing a previous IT manager who left the enterprise several months ago.

I had a request put in place to allow certain URL which are in the Alcohol & Tobacco. So I went in Blade, under application and URL filtering and added a rule to allow this category.

I went with a source of: Any

Destination: Internet

Application: Category Alcohol & Tobacco

Action: Allow 

When I am on the network, the rule work without any issue. Once I disconnect the cable and get on the wifi and hit the same URL, I am sent to a Check Point Application Control Page, where it says that Access is blocked according to the organization security policy. It also provide a Reference: 0B34CDBD.

 

I did research on the web and I've looked around in Blade but didn't find anything that differentiate Ethernate from WIFI.

 

Thanks

 

0 Kudos
6 Replies
Maarten_Sjouw
Champion
Champion

What version are you running? When R80+ is the application/URL policy an inline layer? If so is there a different rule with inline layer for WiFi and LAN?
Regards, Maarten
0 Kudos
ledesgagnes
Explorer

Hi Maarten

 

R77.30, so it would be something else...

 

Thanks

Louis

0 Kudos
PhoneBoy
Admin
Admin

When it works, what rule is matched?
When it doesn't work, what rule is matched?
I suspect the block rule is happening before your allow rule.
0 Kudos
ledesgagnes
Explorer

I was suspecting that as well so I have removed the block rule (there was only one for that category)...but for a reason I don't understand it still applies it when I am on the WIFI. I did a lookup to see if there was any other rule which was using that Category but there wasn't.

If feels like there's a section for Ethernet which I see by default and another one for WIFI that's hidden by default and that I can't find.

 

 

0 Kudos
Maarten_Sjouw
Champion
Champion

Be aware that in the Application rules your only reference is the name column. The name is all you will see in the logging, so that is the only way to identify which rule it matches on.
Regards, Maarten
0 Kudos
PhoneBoy
Admin
Admin

It may be getting blocked by an entirely different rule under a completely different category.
Make sure logging is enabled for every App Control rule.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events