This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
boom247
Contributor
‎2024-08-08 02:39 AM
Jump to solution

URL Filtering https disabled

Hi CheckMates

 

I have a gateway running R81.20 and trying to do url filtering but it's not working as expected. Not blocking the categories.

Is https inspection a pre-requisite for url filtering?

 

0 Kudos
1 Solution

Accepted Solutions
boom247
Contributor
‎2024-08-08 06:53 AM
In response to the_rock
Jump to solution

Thanks all, eventually got it working. I enabled the blade under the standard policy. As Lend mentioned, it's not showing any block pages, guess will have to enable https for that.

Screenshot 2024-08-08 154937.png

 

 

 

View solution in original post

7 Replies
Machine_Head
Advisor
Advisor
‎2024-08-08 03:27 AM
Jump to solution

No its not.

Make sure you have categorize https sites enabled under management & settigns > blades > app control url filtering

 

 

image.png

0 Kudos
boom247
Contributor
‎2024-08-08 03:35 AM
In response to Machine_Head
Jump to solution

Thanks Gojira, I do have these settings enabled.

It's worth mentioning that the deployment is in a bridged mode. I have 2 interfaces, one in and one for outgoing.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2024-08-08 04:19 AM
In response to boom247
Jump to solution

What do you have configured in the destination field of the policy (Any), does the logs see the traffic as HTTPS or QUIC (you may have to block the latter)?

CCSM R77/R80/ELITE
0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2024-08-08 05:05 AM
Jump to solution

Well, put it this way. You can have pages blocked, BUT, it will look goofy, for the lack of the better term, as block page will never show up. If you need help, I have perfectly working lab, so can show you.

Best,

Andy

Best,
Andy
0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2024-08-08 05:24 AM
Jump to solution

Also, to add to my last comment, FWIW...without ssl inspection, firewall cant be "man in the middle (MITM)", so nothing to inspect to begin with, tus you would never see the block page. Also, considering that literally 99.99% of the sites nowdays are https, it only makes sense to have that enabled. You wont see much difference in cpu/memory if you are running powerful hardware.

Andy

Best,
Andy
0 Kudos
boom247
Contributor
‎2024-08-08 06:53 AM
In response to the_rock
Jump to solution

Thanks all, eventually got it working. I enabled the blade under the standard policy. As Lend mentioned, it's not showing any block pages, guess will have to enable https for that.

Screenshot 2024-08-08 154937.png

 

 

 

the_rock
MVP Platinum
MVP Platinum
‎2024-08-08 06:56 AM
In response to boom247
Jump to solution

That looks right. I sent the link I made about this on community while ago, so you can also refere to it.

Andy

https://community.checkpoint.com/t5/Security-Gateways/Https-inspection-lab-guide/m-p/214429#M40929

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events