Ruijie Community

Title: Typical Configuration Example of Firewall URL Filtering [Print this page]

Author: zhangqiao@ruiji Time: 2024-10-31 14:02
Title: Typical Configuration Example of Firewall URL Filtering
1. Device Model and Firmware

Device Type	Device Model	Version
NGFW	RG-WALL 1600-Z-S series firewall	NGFW_NTOS1.0

2. Service Requirements

Configure behavior management on the firewall to block traffic from specified URLs or applications.
3. Topology

4. Configuration Roadmap
Create a security policy to block traffic from a specified application or URL.
5. Configuration Procedure

Choose Policy > SecurityPolicy, and click Create to create a security policy.

On the pop-up window that isdisplayed, click Create to continue.

The following uses blocking of YouTube traffic as an example.
Basic information:

Item	Description	Remarks
Name	Name of the security policy.	Special characters (e.g.: `~!#%^&*+\/0::”/<>?) and spaces are not allowed. [Example] Trust_to_untrust
Enabled State	Enable this security policy as required.	[Example] Enable
Policy Group	The policy group to which the new security policy belongs.	1. Select a group from the drop-down list; or 2. Click Add Group to add a custom policy group. [Example] Default policy group.
Priority	Place the new security policy either before or after the specified policy. Policies closer to the top have a higher priority in matching.	N/A
Description	Description of the security policy.	Special characters (e.g.: `~!#%^&*+\/0::”/<>?) and spaces are not allowed. [Example] Perform virus detection for the HTTP traffic from security zone 1 to security zone 2.

Set Action Option to Deny,and click App, User, EffectiveTime to select the specified application.

Click App. In the dialog box that is displayed, search for and select YouTube. Click Confirm.

You can also configure the target user, service, source, and effective time. In this example, the policy takes effect for all users and all IP addresses in any time range. Therefore, select Any for all the parameters.

Click Save.
For a custom application, choose Object >App>Custom App, and click Create.

In the dialog box that is displayed, enter avalue in the Name and Category Name fields for the object, and click Create to create an app rule.

Configure the Protocol Type field and other parameters as needed, and click Confirm.

Click Confirm.

Follow the preceding procedures to block traffic from the custom application.

Verification

In the policy list, the policy takes effect, and all downlink users of the firewall cannot access YouTube and the custom application. You can also check the Hit Count field in the command output for verification.

Author: RKob21@gmail.co Time: 2025-7-10 11:21
Hello Sophia thats is nice tips you have. but can you give us the advance level configuration example for blocking custom url. for example if we only want to block ths subdomain but not limited to main domain it self, like google.com. as you know google have sub domain drive.google, keep.google.com and sheet.google.com, in my case i just want to allow only sheets.google.com, the others will blocked. can you give us some example..

Author: v-yuchen3@ruiji Time: 2025-7-10 14:08

Febrio Angga Narendratama replied at 2025-7-10 11:21
Hello Sophia thats is nice tips you have. but can you give us the advance level configuration exampl ...

hi sir，
you can configure Allowlist and blocklist to solve your issue:
https://cloud.ruijienetworks.com/help/#/ArticleList?id=2c903e0d9ea8496ab261771dbf2837d1

Author: jayher10@yahoo. Time: 2025-8-5 01:00

GTAC-Morning replied at 2025-7-10 14:08
hi sir，
you can configure Allowlist and blocklist to solve your issue:
https://cloud.ruijienetwor ...

hi, can i use the firewall for url filtering even in transparent mode? i already have gateway EG-310 that has 3 ISP. thank you.

Welcome to Ruijie Community (https://community.ruijie.com/)