CFS: Allowed / Forbidden Domains not working after upgrading to CFS 3.0
03/26/2020 121 14161
After upgrading the SonicWall to SonicOS 5.8.x , sites which are in the Allowed/Forbidden Domains are not being allowed or blocked by SonicWall.
When SonicWall is upgraded to 5.8.x, the existing CFS settings are preserved and CFS 3.0 features are added. One of the CFS 3.0 feature added is the per-policy Allowed/Forbidden Domains in CFS via Users and Zones. In this new feature each CFS Policy has two tabs - Settings & Custom List. Under the Custom List tab, users can enter domain names and keywords under Allowed/Forbidden Domains and Keyword Blocking. Under the Settings tab, users can set Source of Allowed Domains, Source of Forbidden Domains, Source of Keyword. Users have the choice to select None, Global, Per Policy.
When the SonicWall is upgraded to 5.8.x, the Source of Forbidden Domains, Source Keyword is set to None with the result users inheriting that policy will not be blocked or allowed, as the case may be.
Users should select any of the following to correct this issue:
If None is selected, the policy in question will not have a custom list.
If Global is selected, the policy inherits the custom list from the Content Filter | Configure | Custom List window.
If Per Policy is selected, the policy in question will have Allowed/Forbidden Domains & Keywords from the Custom List window of the policy.