This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
roy_adir
Explorer
‎2017-11-29 10:32 AM

White list URL

Hi,

I'm using CheckPoint 790 appliance.
I'm trying to block all internal address outgoing to the internet except white list URL that I had made.
I set up the blade control regarding to the firewall policy on Strict mode, and now the last rule on Outgoing section on the policy is : Any- Internet - Block.
Above it, I made a manual rule says: Any - Internet - My white list URL and accept.

After this, no one can browse inside the organization to the internet to my White list.

I could have some help regarding to this, what do I do wrong?

thanks!

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2017-11-29 04:27 PM

If you don't mind sharing, what is the URL in question?

Note that if it's an HTTPS URL, then you may also need to enable HTTPS Inspection.

0 Kudos
roy_adir
Explorer
‎2017-11-30 01:06 AM
In response to PhoneBoy

Hi,

Thank you for your respond!

its a mixed of web site, banks and web sites related to work.

I may have on that list HTTPS web sites.

but the thing is, when i'm doing the steps I wrote above, no one have an internet at all.

on the logs, it says the user has blocked because of rule number 5 which is the auto generated rule was created due Strict option I did on Firewall blade:

Any- Internet - Block..

0 Kudos
PhoneBoy
Admin
Admin
‎2017-11-30 07:45 AM
In response to roy_adir

For some sites to be detected properly (particularly ones with HTTPS) you may need to enable HTTPS Inspection, which was added in the R70.20.70 firmware release.

If you do not do this, it is possible the gateway will not be able to detect the particular URL correctly.

If that's the case for all the URLs you've decided to whitelist, then the behavior you are seeing is expected.

0 Kudos
roy_adir
Explorer
‎2017-12-01 08:26 AM
In response to PhoneBoy

That's helped, so thank you ver much for that!

however, I have one web site, which is HTTPS, and it doesnt have a certificate. so even with HTTPS inspection - 

I cannot properly go into. only when i'm disable the inspection I can browse to it.

there is any way I can get his certificate from the owner and install it on the checkpoint?

if I can, how can I do it?

thank you!

0 Kudos
PhoneBoy
Admin
Admin
‎2017-12-01 09:00 AM
In response to roy_adir

A site can't be HTTPS without having a certificate.

However, HTTPS Inspection can fail for any number of reasons.

There should be logs that indicate why it is failing.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events