Hey Guys
So I'm trying to transition our policy model to that of ASA = port filtering the SFR URL Filtering/Inspection.
One challenge I'm facing is that as I've migrated a couple services over to this design, some of the connections outbound fail to register anything in the URL column and therefore get blocked.
The ASA and FP don't treat FQDN the same way and I've since had to add in an additional set of IP based objects on the FP policy to get things moving. This could obviously lead to annoyances down the road.
Is there anything I'm missing here that could be the reason why these connections in the table are sometimes lacking the URL, or in some cases, never having a URL?
No comments:
Post a Comment