Blocking Sub-Domain Access in BorderManager

By: phxazcraig

September 26, 2007 4:02 am

Reads: 215




A Forum reader recently asked:

“I been observing that sub-domains can be accessed when the main domain is blocked. For example, can be access when is in the ACL list as blocked. Can wildcards be used like when filtering file extensions? Will * work as a filter?”

And here’s the response from Craig Johnson …


Yes, wildcards can, and should, be used in access rules. It is typical to have entries like these:


(These would both be in the same rule, though you would think the second rule would cover all bases).

Note that you can’t use a https rule – it will be ignored. You can, however, use a port 443 rule blocking a domain, and some people here have reported success with a rule like*.

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Categories: BorderManager, Technical Solutions

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.