Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3441
Views
0
Helpful
4
Replies

Cisco Firepower Manuel URL Wildcards

Go to solution
Anthony Biegacki
Level 1
Level 1

‎01-02-2018 12:57 PM - edited ‎02-21-2020 07:03 AM

Trying to open www.google.com/recaptcha/*.* using wildcard at end of url and block www.goolge.com.  The allow is above block google.  I get it to block fine its the allow that is giving me trouble.

 

 

 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
vaibhav.parlekar1
Level 1
Level 1
In response to Marvin Rhoads

‎01-04-2018 03:32 PM

Hi Marvin,

 

If I am not wrong wildcards matching for custom URLs is not supported and FTD only supports sub-string matches only. But if there is a match for the URL it can filter both HTTP and HTTPS URLs without requiring SSL decryption.

 

I don't think if SSL decryption is requiring for URL filtering of HTTPS sites.

 

Vaibhav

View solution in original post

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to vaibhav.parlekar1

‎01-04-2018 05:58 PM

I was distinguishing between Uniform Resource Locator (U R L) vs. Uniform Resource Identifier (U R I).

 

URL plus the path = URI. If you do not do SSL decrypt, a Firepower or FTD sensor will not parse the path.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-02-2018 09:39 PM

Unless you decrypt the SSL, you cannot filter on a URI - only the top level URL based on the domain name.

0 Helpful

Go to solution
vaibhav.parlekar1
Level 1
Level 1
In response to Marvin Rhoads

‎01-04-2018 03:32 PM

Hi Marvin,

 

If I am not wrong wildcards matching for custom URLs is not supported and FTD only supports sub-string matches only. But if there is a match for the URL it can filter both HTTP and HTTPS URLs without requiring SSL decryption.

 

I don't think if SSL decryption is requiring for URL filtering of HTTPS sites.

 

Vaibhav

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to vaibhav.parlekar1

‎01-04-2018 05:58 PM

I was distinguishing between Uniform Resource Locator (U R L) vs. Uniform Resource Identifier (U R I).

 

URL plus the path = URI. If you do not do SSL decrypt, a Firepower or FTD sensor will not parse the path.

0 Helpful

Go to solution
Anthony Biegacki
Level 1
Level 1
In response to Marvin Rhoads

‎01-04-2018 06:09 PM

Thank You

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card