USG Flex : How to identify blocked websites by content filtering

Sébastien · November 17

Hi everyone,

I have set up a content filter on all outgoing connections from LAN1 in Nebula for my USG Flex 100. It works properly but I don't know how to identify which websites have been blocked or not in the Event Log.

Image: https://us.v-cdn.net/6029482/uploads/editor/fj/fqz4g17mri47.png

Categories have been selected in the "Custom" filtering rule.

When checking the FW logs, I can see this :

Image: https://us.v-cdn.net/6029482/uploads/editor/7s/2q9zf6usk745.png

But the category Business is not blocked (not checked in the Custom rule). So why does it appear in the logs ? There is no mention if it is blocked or not. And better, when a blocked site is identified it also appears in the logs in the same manner. There is no way to see the difference between blocked or not websites...

One other question : what does SSI:N mean in the details of each log entry ?

Thanks.

Sebastien

Zyxel_Jeff · November 19

Hi @"Sébastien"

Could you enable "Invite Zyxel support as administrator" feature for us?

You can find it on the path of Help -> Support request and enable it.

Image: https://us.v-cdn.net/6029482/uploads/editor/i5/vaw7sh4ko7h7.png

Image: https://us.v-cdn.net/6029482/uploads/editor/fb/xzxw838fsg0j.png

Once you have done, please send a private message to me and provide your organization and site name to us. We can check the configuration of this device.

USG Flex : How to identify blocked websites by content filtering

Answers

Categories

Nebula Tips & Tricks

Nebula Help Center