This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
_CP_Firewall
Contributor
‎2022-09-07 08:22 AM

Allow specific URL from blocked category - R81.10

Hi everyone,
I am facing an issue that i have blocked News / Media category but i want to allow a specific website/URL which is being blocked due to this category News / Media.
Is there any way to allow the specific (www.example.com) website/URL ?

 

0 Kudos
3 Replies
RS_Daniel
Advisor
‎2022-09-07 09:10 AM

Hello,

Create a custom application object and add the following URL's:

You can check sk165094 for detailed information.

Regards

_CP_Firewall
Contributor
‎2022-09-08 01:56 AM
In response to RS_Daniel

Hi RS_Daniel,
We tried but still we are getting reject log in smart Console and seems like the rule we created is not being hit, URL is getting blocked from the below blocked category rule. (Rule 1 - We allowed URL , Rule 2 - Category is blocked int the rule. )

zdebug show some messages like : 
dropped by fwmultik_process_f2p_cookie_inner Reason: PSL Drop: TLS_PARSER 
up_fw_print_rb_exe_drop_info: on layer 'CP-GW': MATCH on rule 2 action Reject

 

1_01]@;3929553837;[vs_0];[tid_24];[fw4_24];up_fw_print_rb_exe_drop_info: on layer 'CP-GW': MATCH on rule 2 action Reject <dir 0, 10.1.1.1:57524 -> 162.159.X.Y:443 IPP 6>;

[1_01]@;3929553840;[vs_0];[tid_24];[fw4_24];fw_log_drop_ex: Packet proto=6 162.159.X.Y:443 -> 10.1.1.1:57524 dropped by fwmultik_process_f2p_cookie_inner Reason: PSL Drop: TLS_PARSER

[1_01]@;3929553843;[vs_0];[tid_24];[fw4_24];fw_log_drop_ex: Packet proto=6 162.159.X.Y:443 -> 10.1.1.1:57524 dropped by fwmultik_process_f2p_cookie_inner Reason: PSL Drop: TLS_PARSER

[1_01]@;3929554058;[vs_0];[tid_24];[fw4_24];up_fw_print_rb_exe_drop_info: on layer 'CP_GW': MATCH on rule 2 action Reject <dir 0, 10.1.1.1:57525 -> 162.159.X.Y:443 IPP 6>;



We have created Rule 1 to allow the URL but seems like it's not getting hit.

Any help ?

0 Kudos
the_rock
Legend
Legend
‎2022-09-07 10:12 AM

Agree with @RS_Daniel . Just create say custom app object OR domain object and place allow rule above that blocks it, thats it.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    Virtual

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Thu 25 Apr 2024 @ 10:00 AM (CEST)

    The Anatomy of a Cloud Hack by NotSoSecure - EMEA Session

    Thu 25 Apr 2024 @ 06:00 PM (IDT)

    The Anatomy of a Cloud Hack by NotSoSecure - America Session
    Virtual

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap
    Virtual

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices
    Virtual

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    Virtual

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap
    Virtual

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap
    Virtual

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices
    Virtual

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    Virtual

    Thu 02 May 2024 @ 10:00 AM (CEST)

    CheckMates Live BeLux: How Can Check Point AI Copilot Assist You?
    Virtual

    Thu 02 May 2024 @ 04:00 PM (CEST)

    CheckMates Live DACH - Keine Kompromisse - Sicheres SD-WAN
    CheckMates Events