https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397370#M308582 <HTML><HEAD></HEAD><BODY><P>Many thanks Marius.</P><P></P><P>Best regards</P><P></P><P>Mahesh</P><P></P><P>Message was edited by: mahesh parmar</P></BODY></HTML> Thu, 21 Nov 2013 16:07:38 GMT mahesh18 2013-11-21T16:07:38Z https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397366#M308573 <P>Hi Everyone,</P><P></P><P>Our ASA&nbsp; has below config here</P><P></P><P>filter url http 192.168.0.0 255.255.0.0 0.0.0.0 0.0.0.0</P><P>filter url http 172.16.0.0 255.240.0.0 0.0.0.0 0.0.0.0 longurl-truncate</P><P>filter url http 10.0.0.0 255.0.0.0 0.0.0.0 0.0.0.0 longurl-truncate</P><P></P><P>We have websense configured that has connection to ASA&nbsp; to block some http and https traffic.</P><P>Need to understand what does above config do on the ASA?</P><P></P><P>Regards</P><P></P><P>MAhesh</P> Tue, 12 Mar 2019 03:07:17 GMT https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397366#M308573 mahesh18 2019-03-12T03:07:17Z https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397367#M308575 <HTML><HEAD></HEAD><BODY><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote">filter url http 192.168.0.0 255.255.0.0 0.0.0.0 0.0.0.0</PRE><P></P><P>This command will send all http traffic to websense for evaluation.</P><P></P><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"><P>filter url http 172.16.0.0 255.240.0.0 0.0.0.0 0.0.0.0 longurl-truncate</P><P>filter url http 10.0.0.0 255.0.0.0 0.0.0.0 0.0.0.0 longurl-truncate</P></PRE><P></P><P>These commands also send http traffic to websense for evaluation, but when dealing with a longer than permitted URL it will only send the IP address portion of the URL or the hostname for evaluation.</P></BODY></HTML> Wed, 20 Nov 2013 18:28:36 GMT https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397367#M308575 Marius Gunnerud 2013-11-20T18:28:36Z https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397368#M308578 <HTML><HEAD></HEAD><BODY><P>Hi Marius,</P><P></P><P>ASA&nbsp; has&nbsp; this config&nbsp; lines</P><P>filter url except 172.31.128.0 255.255.192.0 0.0.0.0 0.0.0.0</P><P>filter https except 172.31.128.0 255.255.192.0 0.0.0.0 0.0.0.0</P><P></P><P></P><P>Does the above config means to bypass the websense and directly go to internet if source is from 172.31.128.x?</P><P>and this includes http and https traffic?</P><P></P><P>if we have below config in following order </P><P>filter url except 172.31.128.0 255.255.192.0 0.0.0.0 0.0.0.0&nbsp;&nbsp; rule 1 </P><P>filter https except 172.31.128.0 255.255.192.0 0.0.0.0 0.0.0.0</P><P>filter url http 192.168.0.0 255.255.0.0 0.0.0.0 0.0.0.0</P><P>filter url http 172.16.0.0 255.240.0.0 0.0.0.0 0.0.0.0 longurl-truncate</P><P>filter url http 10.0.0.0 255.0.0.0 0.0.0.0 0.0.0.0 longurl-truncate</P><P></P><P>Does this mean that if rule 1 is matched first just like ACL&nbsp; it will allow the http traffic from 172.31.128?</P><P></P><P>Another thing to ask is if the browser has no proxy config then traffic will come to firewall first and depending on the</P><P>config there it will forward the traffic first to the websense or&nbsp; internet?</P><P></P><P></P><P>Regards</P><P>MAhesh</P></BODY></HTML> Thu, 21 Nov 2013 03:49:24 GMT https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397368#M308578 mahesh18 2013-11-21T03:49:24Z https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397369#M308579 <HTML><HEAD></HEAD><BODY><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote">Does the above config means to bypass the websense and directly go to internet if source is from 172.31.128.x?</PRE><P>You are correct, a filter with the exept keyword will exempt all traffic that is defined in that filter from being sent to the filter server.</P><P></P><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote">Does this mean that if rule 1 is matched first just like ACL&nbsp; it will allow the http traffic from 172.31.128?</PRE><P>Yes, the match is based on a first match logic as with ACLs.</P><P></P><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"><P>Another thing to ask is if the browser has no proxy config then traffic will come to firewall first and depending on the</P><P>config there it will forward the traffic first to the websense or&nbsp; internet?</P></PRE><P> Again correct.</P><P></P><P>--</P><P>Please rate all helpful posts</P></BODY></HTML> Thu, 21 Nov 2013 07:59:01 GMT https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397369#M308579 Marius Gunnerud 2013-11-21T07:59:01Z https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397370#M308582 <HTML><HEAD></HEAD><BODY><P>Many thanks Marius.</P><P></P><P>Best regards</P><P></P><P>Mahesh</P><P></P><P>Message was edited by: mahesh parmar</P></BODY></HTML> Thu, 21 Nov 2013 16:07:38 GMT https://community.cisco.com/t5/network-security/filter-url-http/m-p/2397370#M308582 mahesh18 2013-11-21T16:07:38Z