Meraki

Community

Wildcards in the Allow/Block lists

UniqueIdentity
Comes here often
‎Oct 18 2024 11:06 AM
‎Oct 18 2024 11:06 AM

Wildcards in the Allow/Block lists

We would like to create an explicit allow group policy which only permits traffic to predetermined sites/workflows. To do this we would like to use * character in the blocked URL list and then populate the explicitly named sites in the Allowed URL list.

 

The challenge with this approach is that we would like to allow specific Microsoft applications. On the Microsoft site: https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worl... it lists the names of the domains that should included in the allow list but, in many of their domains they use the * to indicate a wildcard, such as *.outlook.com, however in the Meraki rules it says that when using a * character in a block/allow list it denotes the actual * character and not a wildcard.

 

How can we add sites that Microsoft only defines by using a wildcard to the allow list?

0 Kudos
3 Replies 3
GIdenJoe
Kind of a big deal
Kind of a big deal
‎Oct 18 2024 11:15 AM
‎Oct 18 2024 11:15 AM

You're supposed to leave off the parts that are any.  I do believe there are limitations to this.
A star can only be used to match anything in itself.

So in your case you should match on outlook.com not *.outlook.com
You can even have a / in your matching criterium something.com/something

PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 20 2024 1:11 PM
‎Oct 20 2024 1:11 PM

Going sideways, Meraki has native integration for Cisco Umbrella - and Cisco Umbrella has LOTS of controls in this area.

 

For example, you can say, "Only allow access to my Office 365 tenant and no other".  It's like using the URL filtering but even better.

https://docs.umbrella.com/umbrella-user-guide/docs/manage-tenant-controls

 

JoanaP
Meraki Employee
Meraki Employee
‎Oct 22 2024 5:58 AM
‎Oct 22 2024 5:58 AM

For Content filtering specifically, instead of adding the * wildcard for the *.outlook.com example, you will have to simply add the outlook.com to the blocked/allowed list. This will enable anything ending in outlook.com to be blocked or allowed.

 

One thing to be aware is that the Allow list takes precedence over the Block list.

 

You can see a breakdown of the process at this link:

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering#Patter...

 

BR,

Ioana

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.