Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


SonicOS 7 CFS: URI List Restrictions


New to Gen7 - we have the CFS setup to block all categories, and allow access to sites in the Allow URI list. How do I allow the entire - range? In Gen6 I was able to add both 17.* and to the URI list (although the latter may not have had the effect I was going for), but on my Gen7 SonicWall I get errors when trying to add either of those. I'm not going to know all the URL wrappers for the IP addresses within the range - how can I whitelist the range as simply as possible?

Thanks in advance!

Category: Entry Level Firewalls

Best Answer

  • Options
    BWCBWC Cybersecurity Overlord ✭✭✭
    Answer ✓

    Hi @DrewK I did a quick test on (hope that applies to 7.0 too) and when an URL gets blocked by CFS I can force access by having an Address Object in the CFS Exclusion - Excluded Address setting.

    I always thought it's valid for Source/Destination IP but wasn't sure anymore since you mentioned it.



  • Options
    BWCBWC Cybersecurity Overlord ✭✭✭

    @DrewK wouldn't it be easier to exclude from CFS at all? But this might mess with your statistics, if you need to know the CFS rating of the accessed URLs in that netblock.


  • Options
    DrewKDrewK Newbie ✭

    Hi Michael,

    Are you suggesting I can add an Address Object for that range, and include it in the Group under Security Services - Content Filter: Excluded Addresses? I was always under the impression that those were local Objects/Group on the private W/LANs, but reading the description again, that's not specified.

    If I can add WAN endpoints to that group as well, it should certainly work. Thank you for the suggestion!

Sign In or Register to comment.