CSC-SSM File Blocking Scenario

oyd110380 — Mon, 11 Mar 2019 16:47:14 GMT

Got a scenario where when a I divert Http Traffic to CSC-SSM, Invalid URL error

Is encountered. Attached is the network diagram. Users from branch network gets their

Internet connection via the squid proxy of the main branch. The main branch is connected to the branch network via VPN. What we want to accomplish is block audio file using CSC-SSM. Audio/Video File was already selected under

File Blocking(Trend Micro Interscan). But mp3 files can still be downloaded. Upon checking the config,

I noticed that SMTP was the only traffic diverted to the CSC-SSM. So I added

Http Traffic. Below is the config for reference.

access-list outside_mpc_in extended permit tcp any any eq smtp

access-list outside_mpc_in extended permit tcp any any eq http

class-map SMTP

match access-list outside_mpc_in

class-map inspection_default

match default-inspection-traffic

policy-map global_policy

class inspection_default

inspect dns maximum-length 512

inspect ftp

inspect h323 h225

inspect h323 ras

inspect rsh

inspect rtsp

inspect esmtp

inspect sqlnet

inspect skinny

inspect sunrpc

inspect xdmcp

inspect sip

inspect netbios

inspect tftp

policy-map outside-policy

class SMTP

csc fail-open

service-policy global_policy global

service-policy outside-policy interface outside

But upon doing this, all http traffic was blocked. Invalid URL error

Was encountered. If the access-list for http traffic is removed, then

All internet connections are restored but audio file is not blocked.

So it seems that when Http traffic is diverted to CSC-SSM, some

Packet modification takes place that prevents the proxy from

Seing http traffic. Am I Missing something on the configuration?

Here is the error message from the proxy.

The Following Error was encountered

· Invalid URL

Some Aspect of the requested URL is incorrect. Posible problems:

· Missing or incorrect access protocol(should be http:// or similar)

· Missing Hostname

· Illegal double-escape in the URL-Path

Illegal character in hostname; underscores are not allowed

Re: CSC-SSM File Blocking Scenario

resoares — Thu, 10 Dec 2009 12:31:49 GMT

Hi,

How does the internet traffic go out from CSC module? The CSC-SSM module will use a Squid proxy to reach the Internet or it has a directly connection ?

I'm asking you this, because there are some proxy settings that can be configured depending on your network topology.

Br,

Re: CSC-SSM File Blocking Scenario

oyd110380 — Fri, 11 Dec 2009 07:36:24 GMT

Hi,

Thanks for the reply. CSC-SSM internet traffic goes through the squid proxy.

Re: CSC-SSM File Blocking Scenario

resoares — Fri, 11 Dec 2009 10:46:56 GMT

Hi, thanks for your update, so configure the CSC to divert the traffic to the Squid.

Br,

topic CSC-SSM File Blocking Scenario in Network Security

CSC-SSM File Blocking Scenario

Re: CSC-SSM File Blocking Scenario

Re: CSC-SSM File Blocking Scenario

Re: CSC-SSM File Blocking Scenario