Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ebeaulieu
Explorer

Add HTTP/2 in Application/site service

Hello,

We had a rule to allow some web site with the object : Application/site and add the domain in the URL List. I have a Firewall rule (Blade Firewall + App & URL filtering) ; 

Src: My_server   Dst: Any_except_my_network   Service&App: (Application/site - My_remote_domain)  Action: Allow

I just realized that the "HTTP/2 over TLS" application, to this allowed domain, was drop by my default rule. So I try to add in "Manage & site > application Control & URL Filtering > Advanced settings" but I can't add in addition to HTTP and HTTPs the application HTTP/2.

 

So I add the "HTTP/2 over TLS" in the Service&App in addition to my Allowed remote domain (Application/site - My_remote_domain). But now I suppose will have access to all Internet with HTTP/2, not only my allowed domain.

 

Do you know if it is possible to add HTTP/2 in the default Service "Web Browsing" ?

 
 

 

Best regards

Eric

 

 

 

 

 

 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

If you want to allow websites over HTTP/2, you need to be on R80.40 and above.
No special configuration is needed here as the normal App Control categories and your custom application/sites should just work.
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
ebeaulieu
Explorer

Hello,

Thanks @PhoneBoy  for the reply. But event if I am in R80.40, I think I can't restrict HTTP/2 for some domain. For that, I use the CP object Application/Site and by defaut it only use HTTP & HTTPs it will not match HTTP/2 over TLS.

Eric

0 Kudos
PhoneBoy
Admin
Admin

As far as I know, that should work.
If it’s not, then we probably need a TAC case to investigate.

0 Kudos