Can URL Profiles be used if there is No URL Filtering License?

Can URL Profiles be used if there is No URL Filtering License?

Created On 09/25/18 17:36 PM - Last Modified 07/29/19 17:51 PM



Yes, but the only way to use URL filtering profiles without licenses is to create the custom URL categories and manually assign list of URLs into the custom category.



  • Go to Objects > Custom Objects > URL category.
  • Click 'Add' to create a new profile.
  • Manually enter the list of URLs that needs to be included.


  • Go to Objects > Security Profiles > URL Filtering.
  • Create a URL filtering profile and browse through the custom category. Marked with an asterisk.
  • Mark an action block.


  • Go to Policies > Security.
  • In the security rule select the URL profile to the one created in above steps.


  • Commit the configuration.
  • The URLs that are listed in the custom category will be blocked per specified action above.


Note: You can not use the default URL categories listed on the device without licenses.

You would get "No valid URL filtering license" warnings when you commit.


Alternate Solution :


Instead of creating URL profile:


1.Create a custom object under Objects >> Custom Objects >> URL Category
2. Create an object called  with string or pattern that you would want to block. Ex: "*" etc.
3. In the security policy call the above-created Category with action "deny".

T-U-Url {
from L3-Trust;
source any;
source-region none;
to L3-Untrust;
destination any;
destination-region none;
user any;
category Example;
application/service any/any/any/any;
action deny;
terminal no;
4. With this you would not  get the warning message  about"No valid URL filtering license" 



  • Print
  • Copy Link

Choose Language