GajShield Knowledge Base

All the documents you require to help you configure and manage GajShield firewalls.

How can I check if a URL is getting blocked by GajShield's URL Filtering engine ?

Note: It is assumed that SSL deep inspection is enabled on the firewall. If SSL deep inspect is not enabled, the below is only valid for http traffic

If you are encountering an "Access Denied" popup when attempting to access a URL on a GajShield firewall, it could be due to the firewall's URL filtering feature. The URL filtering feature allows administrators to block or allow access to specific URLs based on policies set on the firewall.

If the URL you are trying to access is blocked, you will see an "Access Denied" popup. The reason for the block and the policy that caused the block should be listed in the popup.

As an administrator you can also do the following to investigate further

  • Log into the firewall console using ssh and run the following command on the command prompt

siteblocklog -f <System_IP>

System_IP : IP address from where the end user is browsing the blocked site

For example: To check URLs that are getting blocked for the IP address, run the following comand

siteblocklog -f

It will provide you the blocked sites for and the reason why these URLs is being blocked.

  • You can also identify the rule which causes the block by login into the web administration console and checking it at 

Diagnosis -> URL Filter -> URL Filter Check

Enter the username/IP address along with the URL you would like to inspect. 

It will provide you the rule that matches the above combination. 

To resolve this issue, you can

  1. Modify the URL filtering policy to allow access to the URL through the GajShield web management interface. 

It is important to note that URL filtering is a security feature and should only be modified if necessary.