Hot!Subdomains issue - Trying to limit to specific but all work

Author
BlueMouse
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/08/31 02:47:38
  • Status: offline
2018/08/31 03:01:34 (permalink)
0

Subdomains issue - Trying to limit to specific but all work

Hi,
We are trying to limit access to a specific sub domain by specifically whitelisting it via FQDN, as we might want to allow other sub domains at a later date. However all sub domains are being allowed through. For example:
 
Allowed:
hat.somedomain.com
 
However all sub domains such as:
coat.somedomain.com
scarf.somedomain.com
Still work.
 
All sub domains share the same IP address, and I have been advised that this might be the problem. Is this normal behavior? This is an initial sanity check to make sure I am not missing a fundamental.
 
Thanks
 
Paul
#1

2 Replies Related Threads

    rwpatterson
    Expert Member
    • Total Posts : 8275
    • Scores: 181
    • Reward points: 0
    • Joined: 2006/08/08 10:08:18
    • Location: Long Island, New York, USA
    • Status: online
    Re: Subdomains issue - Trying to limit to specific but all work 2018/08/31 06:15:47 (permalink)
    5 (1)
    Welcome to the forums.
     
    Have you tried using regular expressions to craft the name?
     
    ^hat.somedomain.com$
     
    That forces it to start with 'hat', and end with '.com'. Removing the trailing dollar sign will allow it to end with anything.

    -Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com

    -4.3.19-b0694
    FWF60B
    FWF80CM (4)
    FWF81CM (2)
     
    #2
    BlueMouse
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/08/31 02:47:38
    • Status: offline
    Re: Subdomains issue - Trying to limit to specific but all work 2018/09/10 04:47:57 (permalink)
    0
    Hi,
     
    Thank you for the suggestion and happy to be here :)

    ^ cannot be used with FQDN. One of my guys says there is nothing that can be done with this because all subdomains resolve to the same IP address.
     
    At the end of the day all I want to do is allow access to hat.somedomain.com but block access to all other subdomains.
     
    Any other suggestions on the best approach? Happy to explore outside of FQDN?
    #3
    Jump to:
    © 2018 APG vNext Commercial Version 5.5