Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Shurik
Participant

Outbound wildcard objects

Hello guys,

I'm looking to allow access to office 365 URLs, but having problem to allow access to wildcard objects, like *.outlook365.com etc.

I came across this article - https://community.checkpoint.com/t5/Next-Generation-Firewall/White-Paper-Implementing-Non-FQDN-Domai...

Unfortunately it doesn't work for me. I can allow access to specific domain, but now to wildcard objects.

What possibly I'm doing wrong?

Should I have URL filtering or application control in order to be able to allow wildcard access?

 

Our current version is R80.10

 

Thanks!

0 Kudos
Reply
3 Replies
Wolfgang
Leader
Leader

Best solution would be an update to a newer version and using updatables object.

Microsoft Office 365 objects as Network Objects in R80.20 and above 

Wolfgang

Shurik
Participant

Thanks! That's a cool option 🙂

Any known performance issues with updatable objects?

0 Kudos
Reply
PhoneBoy
Admin
Admin

Non-FQDN domain objects don’t work in practice because reverse DNS on the relevant IP addresses rarely works.
We have Updatable Objects in R80.20+ that can be used to allow access to Office 365 without implementing App Control.
You can also do it with App Control but you should really upgrade to R80.30+ for the improved SNI support in HTTPS traffic (will improve App Control/URLF detection overall as well).
Also, R80.10 is nearing its End of Support date, so you have plenty of reasons to upgrade.