Pattern match HTTPS proxy: *.domain.com* won't allow a.b.domain.com
Hi all. I am trying to whitelist a list of URLs using the HTTP and HTTPS proxy action configuration.
Using content inspection, I use a pattern match to allow *.pajak.go.id*
but it won't let 103.28.106.131 through (when doing a reverse lookup, I found that 103.28.106.131 is svc.efaktur.pajak.go.id), even though it will allow www.pajak.go.id (43.242.133.18).
What is a better pattern match setting to let anything pajak.go.id through, other than *.pajak.go.id*? Should I add another rule to allow *.*.pajak.go.id*?
For now the quick fix is to specifically allow 103.28.106.131.
Denial message for 103.28.106.131 not being let through:
2019-07-09 12:50:40 Deny ThisIsLocalIPAddress 103.28.106.131 https/tcp 60007 443 1-Trusted 0-External ProxyDeny: HTTPS domain name match (Whitelisting HTTPS-00) HTTPS-Client.Standard.Whitelist1 proc_id="https-proxy" rc="595" msg_id="2CFF-0003" proxy_act="HTTPS-Client.Standard.Whitelist1" rule_name="Default" sni="" cn="" ipaddress="103.28.106.131" src_user="ThisIsLocalDomainUser" Traffic
2019-07-09 12:50:40 Deny ThisIsLocalIPAddress 103.28.106.131 https/tcp 60007 443 1-Trusted 0-External HTTPS Request (Whitelisting HTTPS-00) HTTPS-Client.Standard.Whitelist1 proc_id="https-proxy" rc="548" msg_id="2CFF-0000" proxy_act="HTTPS-Client.Standard.Whitelist1" tls_profile="TLS-Client-HTTPS.Standard" tls_version="TLS_V1" sni="" cn="" cert_issuer="" cert_subject="" action="deny" app_id="0" app_cat_id="0" sent_bytes="0" rcvd_bytes="154" src_user="ThisIsLocalDomainUser" Traffic
steve
Comments
I have changed the pattern match to a regex
.*\.*pajak\.go\.id\/*.*
and disabled allowing IP 103.28.106.131 to pass through. The result is that it does not work. I am beginning to think that the software has hardcoded the IP address 103.28.106.131 instead of using the address svc.efaktur.pajak.go.id. Is there a way of knowing from the error message above?
steve
Why do you have a * at the end of your entry?
Try this:
*.pajak.go.id
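An added example, not part of the thread: a small Python check that reads the deny line posted above and lists which identifiers (sni, cn, ipaddress) the proxy actually logged for the connection, then tests the thread's wildcard patterns against them. Python's fnmatch is used as a stand-in for the firewall's wildcard matching, which is an assumption, and the function names are hypothetical.

```python
import re
from fnmatch import fnmatchcase

# First deny line from the post, shortened to the fields used here.
SAMPLE = ('2019-07-09 12:50:40 Deny ThisIsLocalIPAddress 103.28.106.131 https/tcp '
          '60007 443 1-Trusted 0-External ProxyDeny: HTTPS domain name match '
          '(Whitelisting HTTPS-00) proc_id="https-proxy" rc="595" '
          'msg_id="2CFF-0003" rule_name="Default" sni="" cn="" '
          'ipaddress="103.28.106.131"')

# The two wildcard patterns discussed in the thread.
PATTERNS = ["*.pajak.go.id*", "*.pajak.go.id"]

KV = re.compile(r'(\w+)="([^"]*)"')


def parse_fields(line):
    """Return the key="value" pairs of a proxy log line as a dict."""
    return dict(KV.findall(line))


def would_match(name, patterns):
    """Patterns that match `name` (fnmatch semantics: '*' also spans dots)."""
    return [p for p in patterns if fnmatchcase(name.lower(), p.lower())]


def explain(line, patterns):
    """Report what the log line offered for matching and what matched."""
    fields = parse_fields(line)
    # Keep only identifiers that are present and non-empty in the log line.
    candidates = {k: fields[k] for k in ("sni", "cn", "ipaddress") if fields.get(k)}
    hits = {k: would_match(v, patterns) for k, v in candidates.items()}
    return {
        "rule_name": fields.get("rule_name"),
        "candidates": candidates,
        "hostname_seen": "sni" in candidates or "cn" in candidates,
        "hits": {k: v for k, v in hits.items() if v},
    }


if __name__ == "__main__":
    print(explain(SAMPLE, PATTERNS))
    # The same patterns do match the hostname when it is presented as a name.
    print(would_match("svc.efaktur.pajak.go.id", PATTERNS))
```

For the posted line the only non-empty identifier is the IP address, so no hostname pattern has a name to match against, while both patterns match svc.efaktur.pajak.go.id when it appears as a string.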