Azure Firewall web categories check not working

Copper Contributor

Hi,

 

My Azure Firewall has been set up with network and application rules, and they work as expected.

However, after enabling TLS inspection, I am unable to check web categories of URLs successfully.

 

Under Category check, when typing https://www.google.com returns category as 'Search engines + portals'. However, changing the URL https://www.google.com/mail does not return the expected category 'Web-based email'.

 

NOTE: TLS inspection has been configured with the default Azure Key Vault.

 

Can some one give me pointers to get the web category check working?

 

Thanks

James

2 Replies

@jameswonderguy 

 

Are you using Azure firewall standard? Please refer 'Web categories' under below article:

 

https://learn.microsoft.com/en-us/azure/firewall/premium-features

 

@Kidd_Ip 

 

I am using Azure Firewall Premium, and am unable to get web categories to work.

 

Since TLS inspection is enabled, I am assuming that the firewall should differentiate between "www.google.com/news" (which I think is 'http') and "https://www.google.com/news". This want this to work, but it is not working for me.

 

Once the above works, I need to use the TLS inspection functionality within "Application Rules" and "URL Filtering" for HTTPS traffic.