https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420890#M307762 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Okey so just to end <SPAN __jive_emoticon_name="grin" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/grin.gif"></SPAN> this will not work as the content will be encrypted bud.</P><P></P><P>Sorry to let you know that.</P><P></P><P>You need a content device capable of doing it.</P><P></P><P></P><P>Rate all of the helpful posts!!! <BR /> <BR />Regards, <BR /> <BR />Jcarvaja <BR /> <BR /><SPAN>Follow me on </SPAN><A class="jive-link-external-small" href="http://laguiadelnetworking.com">http://laguiadelnetworking.com</A></P></BODY></HTML> Wed, 04 Dec 2013 20:08:50 GMT Julio Carvajal 2013-12-04T20:08:50Z https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420887#M307744 <P>I'M TRYING TO FILTER IN MY FWSM URLS</P><P></P><P>I have some problems because all my https traffic is being discarded. </P><P></P><P>The configuractions below:</P><P></P><P>class-map inside1-class</P><P> match port tcp eq https</P><P>!</P><P>!</P><P>policy-map type inspect http URL</P><P> description URL</P><P> parameters</P><P>&nbsp; protocol-violation action drop-connection</P><P> match request uri regex FACEBOOK</P><P>&nbsp; drop-connection log</P><P> match request uri regex YOUTUBE</P><P>&nbsp; drop-connection log</P><P></P><P></P><P>policy-map inside1-policy</P><P> class inside1-class</P><P>&nbsp; inspect http URL </P><P>!</P><P>service-policy inside1-policy interface inside1</P><P></P><P>Any good indications will be appreciated</P> Tue, 12 Mar 2019 03:12:46 GMT https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420887#M307744 Jose Alejandro Rodriguez Rodriguez 2019-03-12T03:12:46Z https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420888#M307750 <HTML><HEAD></HEAD><BODY><P>Hello Jose,</P><P></P><P>You are matching HTTPs traffic. This will not work as that traffic will be encrypted and the ASA will not be able to decrypt that traffic as it's not working as a proxy.</P><P></P><P>For HTTPs content filtering you need to have a dedicated server such as a websense box</P><P></P><P>Regards,</P><P></P><P>Jcarvaja</P></BODY></HTML> Wed, 04 Dec 2013 19:58:06 GMT https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420888#M307750 Julio Carvajal 2013-12-04T19:58:06Z https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420889#M307757 <HTML><HEAD></HEAD><BODY><P>Hello Julio,</P><P></P><P>I did it men</P><P></P><P>using the followings script</P><P></P><P></P><P>regex domainlist16 "\.sharing-file\.com"</P><P>regex domainlist17 "\.keepandshare\.com"</P><P>regex domainlist18 "\.kazaa\.com"</P><P>regex domainlist19 "\.zeropaid\.com"</P><P>regex domainlist20 "\.daniweb\.com"</P><P>regex domainlist21 "\.megashare\.com"</P><P>regex domainlist22 "\.ahlyegypt\.com"</P><P>regex domainlist23 "\.ultrareach\.net"</P><P>regex domainlist24 "\.wujie\.net"</P><P>regex domainlist25 "\.tv2free\.com"</P><P>regex domainlist26 "\.sharereactor\.com"</P><P>regex domainlist27 "\.youporn\.com"</P><P></P><P></P><P>class-map type regex match-any DomainBlockList</P><P> match regex domainlist1</P><P> match regex domainlist2</P><P> match regex domainlist3</P><P> match regex domainlist4</P><P> match regex domainlist5</P><P> match regex domainlist6</P><P> match regex domainlist7</P><P> match regex domainlist8</P><P> match regex domainlist9</P><P> match regex domainlist10</P><P> match regex domainlist11</P><P> match regex domainlist12</P><P> match regex domainlist13</P><P> match regex domainlist14</P><P> match regex domainlist15</P><P> match regex domainlist16</P><P> match regex domainlist17</P><P> match regex domainlist18</P><P> match regex domainlist19</P><P> match regex domainlist20</P><P> match regex domainlist21</P><P> match regex domainlist22</P><P> match regex domainlist23</P><P> match regex domainlist24</P><P> match regex domainlist25</P><P> match regex domainlist26</P><P> match regex domainlist27</P><P></P><P></P><P></P><P></P><P></P><P>class-map type inspect http match-all BlockDomainsClass</P><P>match request header host regex class DomainBlockList</P><P>######################################################################################################################</P><P>access-list inside_mpc extended permit tcp any any eq www</P><P>access-list inside_mpc extended permit tcp any any eq 8080</P><P></P><P></P><P>class-map httptraffic</P><P>match access-list inside_mpc</P><P>###################################################################################################################33</P><P>policy-map type inspect http http_inspection_policy</P><P>parameters</P><P>protocol-violation action drop-connection</P><P>class BlockDomainsClass</P><P>reset log</P><P></P><P></P><P></P><P></P><P>policy-map inside-policy</P><P>class httptraffic</P><P>inspect http http_inspection_policy</P><P>#############################################################################################################################</P><P></P><P></P><P></P><P></P><P>service-policy inside-policy interface inside</P><P></P><P></P><P>The main proble that i had is that the client can still visit facebook using</P><P></P><P>https:facebook.com</P><P></P><P>if i add in the acl </P><P></P><P>access-list inside_mpc extended permit tcp any any eq 443</P><P></P><P><STRONG>All my https traffic goes down <SPAN __jive_emoticon_name="sad" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/sad.gif"></SPAN></STRONG></P></BODY></HTML> Wed, 04 Dec 2013 20:03:17 GMT https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420889#M307757 Jose Alejandro Rodriguez Rodriguez 2013-12-04T20:03:17Z https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420890#M307762 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Okey so just to end <SPAN __jive_emoticon_name="grin" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/grin.gif"></SPAN> this will not work as the content will be encrypted bud.</P><P></P><P>Sorry to let you know that.</P><P></P><P>You need a content device capable of doing it.</P><P></P><P></P><P>Rate all of the helpful posts!!! <BR /> <BR />Regards, <BR /> <BR />Jcarvaja <BR /> <BR /><SPAN>Follow me on </SPAN><A class="jive-link-external-small" href="http://laguiadelnetworking.com">http://laguiadelnetworking.com</A></P></BODY></HTML> Wed, 04 Dec 2013 20:08:50 GMT https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420890#M307762 Julio Carvajal 2013-12-04T20:08:50Z https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420891#M307768 <HTML><HEAD></HEAD><BODY><P>Thanks man,</P><P></P><P>After some hours of searching and feeling angry that there are more cheaper servers in linux that can do this i recognize you're correct. Thanks for your help.</P><P></P><P>Regards</P></BODY></HTML> Wed, 04 Dec 2013 21:43:19 GMT https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420891#M307768 Jose Alejandro Rodriguez Rodriguez 2013-12-04T21:43:19Z https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420892#M307772 <HTML><HEAD></HEAD><BODY><P>Hello Jose,</P><P></P><P>Hey man my pleasure to help,</P><P></P><P>Have a great day.</P><P></P><P></P><P>Rate all of the helpful posts!!! <BR /> <BR />Regards, <BR /> <BR />Jcarvaja <BR /> <BR /><SPAN>Follow me on </SPAN><A class="jive-link-external-small" href="http://laguiadelnetworking.com">http://laguiadelnetworking.com</A></P></BODY></HTML> Wed, 04 Dec 2013 21:51:07 GMT https://community.cisco.com/t5/network-security/fwsm-url-filtering/m-p/2420892#M307772 Julio Carvajal 2013-12-04T21:51:07Z