This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Exceptions

Hello, I have groups of computers that I want to make web exceptions for with no authentication.

For instance for IP group1, I want these computers to be able to access sites A.com B.com C.com. For IP group2 computers, they can access sites D.com E.com F.com.

So, I have created 2 new exceptions (NOAUTHENTAV, NOAUTHENAWC) and including categories with the domain names plus also the ip addresses as per screenshot:

The problem is that if the same domain is listed in both categories, when a computer tries to access it from either group then it shows up as blocked because the domain is in the "other" category.

I then tried creating one policy containing the "NOAUTHENT" categories and a firewall rule in case that would help but it did not.

So the question is, how do I have the same domain name listed in more than one category for exceptions? This would not really be an issue with just two exceptions but I have a lot more IP groups than just the two in this example and with the domains/keywords being imported from a file makes it a bit of a nightmare to find same domains, delete all other versions and then decide who is going to own it.

This thread was automatically locked due to age.

0 Michael Dunn over 8 years ago

Off the top of my head...

When you create a custom category you can specify a domain or a keyword. The domain does a match on the domain name portion of the url. The keyword does a substring match on the entire URL.

There is an inconsistency in v16.

If you use domain, you are replacing the existing category with a new one.

If you use keyword, you are adding to the categorization with a second category.

AFAIK, in v17 the plan is to change this and always make it additive as that is more powerful.
Cancel
Vote Up 0 Vote Down

Cancel