Feb 26 2023 12:00 PM
Hi,
My Azure Firewall has been set up with network and application rules, and they work as expected.
However, after enabling TLS inspection, I am unable to check web categories of URLs successfully.
Under Category check, when typing https://www.google.com returns category as 'Search engines + portals'. However, changing the URL https://www.google.com/mail does not return the expected category 'Web-based email'.
NOTE: TLS inspection has been configured with the default Azure Key Vault.
Can some one give me pointers to get the web category check working?
Thanks
James
Feb 26 2023 05:04 PM
Are you using Azure firewall standard? Please refer 'Web categories' under below article:
https://learn.microsoft.com/en-us/azure/firewall/premium-features
Feb 27 2023 01:16 AM
I am using Azure Firewall Premium, and am unable to get web categories to work.
Since TLS inspection is enabled, I am assuming that the firewall should differentiate between "www.google.com/news" (which I think is 'http') and "https://www.google.com/news". This want this to work, but it is not working for me.
Once the above works, I need to use the TLS inspection functionality within "Application Rules" and "URL Filtering" for HTTPS traffic.