Hello guys.I tried to block a malicious domain/url but the changes will not apply to the firewall. Can any one help. To block, i go to Security & SD-WAN>URL and save changes but it still does not work. Any clue?
Hello, @Tatah!
Just to confirm - you're going to the Security & SD-WAN -> Firewall area (https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Using_Layer_3_Firewall_Rules) and it is not working to block the URL?
I am going to security & SD WAN> Content filtering >url blocking
Okay, I'm with you now.
Assuming that the rule is saving, do you have any group policies setup? These are under Network-wide -> Group Policies. One can use group policy to ignore the network default blocked URL patterns etc:
I don`t think i need to create a rule for blocking one url. I want to add the url to the block list but the url is still accessible after it is added to the block list
Is the rule not showing after you hit the save button or the actual rule is not being applied and you are able to access the url?
I simply add the url to the blocklist and hit save but am still able to access the url
So you enter the URL into the block list, you save. It saves the rule. Then you can still access the rule. You've confirmed that you don't have a group policy overriding the network defaults. Does this sound correct?
When you review the event log, do you see a Content Filter hit for that URL? Easiest way to do this is set the client filter to an IP address for a safe testing box, then try to visit the website.
Other thought: Make sure your block pattern follows the examples here: https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering#Patter...
Here is the screenshot. No group policies set.
Possibly share a screenshot of the URL rule?
I have seen many times where the intent is to block a specific URL, but in fact the service/site uses multiple URLs that need to be blocked.
If you need to block multiple URLs (or allow them!), Chrome dev tools are your friend. Go to website, open dev tools with ctrl + shift + i and click on the sources tab.
Note that URL blocking does not start working immediately. It can take 10 minutes.
Can you post a screenshot of your URL blocking config?
Yes can you please post a screenshot of the rule, have you allowed for wildcards?