https://community.cisco.com/t5/network-security/url-filtering/m-p/798180#M977338 <HTML><HEAD></HEAD><BODY><P>You can do true URL filtering using N2H2 or websense products. If you don't want to invest in a 3rd party product, you will have to look up the IP addresses of the hosts that you want to allow them access to and custom create ACL's. You could also use nbar with a policy-map/class-map if you have an IOS router somewhere in the path of data.</P></BODY></HTML> Thu, 28 Jun 2007 11:17:39 GMT srue 2007-06-28T11:17:39Z https://community.cisco.com/t5/network-security/url-filtering/m-p/798179#M977337 <P>Hi,</P><P></P><P>I have PIX 515E implemented in my network,there 200 lan users are there ,out of them 10 users are SAP users,they used to access the SAPserver.com site very frequently,I want to allow them to access only the SAPservers.com,I do not want to allow them to access the other web sites other than SAPservers.Can I do it with PIX515E.Please help me how to do it.</P><P></P><P>Thanks and Regards,</P><P></P><P>S.Venkataraman.</P> Mon, 11 Mar 2019 10:36:47 GMT https://community.cisco.com/t5/network-security/url-filtering/m-p/798179#M977337 Lavanholy 2019-03-11T10:36:47Z https://community.cisco.com/t5/network-security/url-filtering/m-p/798180#M977338 <HTML><HEAD></HEAD><BODY><P>You can do true URL filtering using N2H2 or websense products. If you don't want to invest in a 3rd party product, you will have to look up the IP addresses of the hosts that you want to allow them access to and custom create ACL's. You could also use nbar with a policy-map/class-map if you have an IOS router somewhere in the path of data.</P></BODY></HTML> Thu, 28 Jun 2007 11:17:39 GMT https://community.cisco.com/t5/network-security/url-filtering/m-p/798180#M977338 srue 2007-06-28T11:17:39Z https://community.cisco.com/t5/network-security/url-filtering/m-p/798181#M977339 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>This can be achieved if you do authentication of pass through http traffic through RADIUS (ACS)</P><P></P><P>aaa authentication include http inside <SOURCE ip=""> <MASK> <DESTINATION ip=""> <MASK> RADIUS</MASK></DESTINATION></MASK></SOURCE></P><P></P><P>After authentication from radius on per user basis you can download ACL (from radius dynamically) which can allow or deny a traffic for user.</P><P></P><P>Following link can give you more information on pass through authentication:</P><P></P><P><A class="jive-link-custom" href="http://cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e3.html#wp634934" target="_blank">http://cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e3.html#wp634934</A></P><P></P><P>Following link can give you more information on downloading ACL's through Radius:</P><P></P><P><A class="jive-link-custom" href="http://cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd914.html" target="_blank">http://cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd914.html</A></P><P></P><P>Hope this helps.</P><P></P><P>Regards </P><P>Rohit</P></BODY></HTML> Thu, 28 Jun 2007 11:21:13 GMT https://community.cisco.com/t5/network-security/url-filtering/m-p/798181#M977339 rochopra 2007-06-28T11:21:13Z