topic CX Configuration - Block https and configure multiple domain in URL objects in Network Security

CX Configuration - Block https and configure multiple domain in URL objects

limlayhin — Tue, 12 Mar 2019 03:59:16 GMT

Hi,

I am using PRSM to configure CX. I tried to block Facebook web site but always fail. I noticed that it is HTTPS instead of HTTP.

Can CX blocked HTTPS website?

I have another problem. I created URL object. If the URL object has only one domain, eg youtube.com, I can block access to the site.

In policy, I select my URL object and set action to deny.

However, If I tried to put 2 domains in the URL object, eg youtube.com, vimeo.com, both web sites won't be blocked.

Anybody has similar experiences? I don't believe we can't put multiple domain in one single URL object.

Otherwise, I have to create hundreds of URL objects.

I would think you would have

dan.letkeman — Sun, 06 Apr 2014 00:52:50 GMT

I would think you would have to enable decryption policies and setup your certificate so that the man in the middle process will work without user intervention.

Dan.

Thanks Dan. I have yet to

limlayhin — Tue, 08 Apr 2014 06:20:50 GMT

Thanks Dan.

I have yet to test this. Let me explore how to do it.

I had this same exact issue.

CSSW Computers — Thu, 26 Jun 2014 15:07:53 GMT

I had this same exact issue. The CX had an issue identifying and then filtering https traffic in earlier software versions. If you look at the release notes on software version 9.1.2-42 it shows that https traffic fails going through the CX and that it was fixed in that release. I would recommend getting to software release 9.2.1-2. I believe that is recommended and it fixes a lot of things. If you're already on a 9.2 version then disregard this post.

Release notes on 9.1.2-42

http://www.cisco.com/c/en/us/td/docs/security/asacx/9-1/release/notes/asacx_prsm_rn_91.html