Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
TaylorHung
Explorer

Can't block URL, APP

Hello everyone,

I configured block web youtube by url and Microsoft Team by application control but it doesn't work, I can reach it.

Where did I misconfigure and how to fix it ? 

Thanks a lot.

Regards,

TaylorHung

0 Kudos
14 Replies
TomerM
Employee Alumnus
Employee Alumnus

Hello TaylorHung,
it is difficult to troubleshoot without further information. I suggest either contacting TAC or if you can add a screenshot of the configuration you used?
*Remember this is a public forum. Make sure you do not share any personal data (IPs, passwords etc..)   

0 Kudos
TaylorHung
Explorer

I have attaced a picture of the policy configuration. You can check for me ?

0 Kudos
TomerM
Employee Alumnus
Employee Alumnus

Sorry I did not see the pic.
Policy rule looks ok.
Make sure you have added a new layer to the policy including the applications&URL Filtering there
If the issue is not resolved I recommend opening a ticket to TAC

 

 



0 Kudos
TaylorHung
Explorer

Yep, I  enabled the application and URL Filtering but it doesn't work 

0 Kudos
the_rock
Legend
Legend

As @G_W_Albrecht advised, check the logs, see where its accepted and we can better assist. Rule loos fine, but that on its own does not mean much, unless we can see from the logs why its being accepted.

Andy

0 Kudos
Sorin_Gogean
Advisor

Hello TaylorHung,

Like others were stating, we're missing some information like what you defined in those Applications/URL Filtering objects.
Any reason you did not used the YouTube Application defined by Checkpoint ?

Youtube:
Youtube_Capture.JPG

MSTeams:
TeamsCapture.JPG


Thank you,

0 Kudos
G_W_Albrecht
Legend Legend
Legend

What is shown in Logs ? If you use Any as Source instead of Admin ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
TaylorHung
Explorer

Hello Albrecht,

I tried it, it didn't work. i cant understand. I think this is product trial then block URL

0 Kudos
RS_Daniel
Advisor

Hello,

Can you share a picture showing what you have insie "Youtube.com" object? I usually block Youtube using the pre-defined application object "Youtube" + a custom Application site with following DNS names: youtube.com, *.youtube.com. Maybe you will need to add more DNS names, you can check the entire list in the Certificate Subject Alternative Name section in youtube's  certificate, it will also depends what you are seeing in logs, try searching by IP and port 443 with profile Access Control on logs, you can check wich sites is browsing that IP (check image).

About teams, i always used the updatable object to allow deny this traffic, check if that is feasible for you it will be easier. Never tried with APC/URL blades. HTH

Logs.png

Regards

 

 

0 Kudos
TaylorHung
Explorer

Hello Daniel, 

I have defined application youtube with dns name: youtube.com, *.youtube.com, *.youtube.com.*  but it doesn't work

Regards

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Is HTTPS inspection enabled and how are those App/URL/service objects defined?

If your end users are using the Chrome browser, does your policy block QUIC traffic?

Note we have built-in objects such as:

Youtube.png

CCSM R77/R80/ELITE
0 Kudos
TaylorHung
Explorer

Hello  Chris_Atkinson,

I  attached the picture. I don't think that Checkpoint can't block URL.

How to fix that if you know.

Thanks a lot 

0 Kudos
the_rock
Legend
Legend

I always do the way you do it, except I simply add *youtube*, works like a charm. You can follow same logic for any other website.

0 Kudos
_Val_
Admin
Admin

You did not answer the question. Do you have HTTPS Inspection enabled? If not, the application you defined will not be detected on TLS traffic, which is 100% of Youtube.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events