Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

CX Configuration - Block https and configure multiple domain in URL objects


I am using PRSM to configure CX. I tried to block Facebook web site but always fail. I noticed that it is HTTPS instead of HTTP. 


Can CX blocked HTTPS website? 


I have another problem. I created URL object. If the URL object has only one domain, eg, I can block access to the site. 

In policy, I select my URL object and set action to deny. 


However, If I tried to put 2 domains in the URL object, eg,, both web sites won't be blocked. 

Anybody has similar experiences? I don't believe we can't put multiple domain in one single URL object. 

Otherwise, I have to create hundreds of URL objects. 

Everyone's tags (2)
Community Member

I would think you would have

I would think you would have to enable decryption policies and setup your certificate so that the man in the middle process will work without user intervention.



Community Member

Thanks Dan. I have yet to

Thanks Dan. 

I have yet to test this. Let me explore how to do it. 

Community Member

I had this same exact issue.

I had this same exact issue. The CX had an issue identifying and then filtering https traffic in earlier software versions. If you look at the release notes on software version 9.1.2-42 it shows that https traffic fails going through the CX and that it was fixed in that release. I would recommend getting to software release 9.2.1-2. I believe that is recommended and it fixes a lot of things. If you're already on a 9.2 version then disregard this post.


Release notes on 9.1.2-42


CreatePlease to create content