Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
650
Views
0
Helpful
1
Replies

URL Filtering on ACE 4710 -Deny access

Paul Pinto
Level 1
Level 1

‎03-10-2011 11:53 PM

Hi,

I have a requirement to filter (deny access) to certain URL's. The URL's are listed below. Any guidance/assitance in achieving this would be greatly appreciated.

https://<Domainname>/corp/BANKAWAY?Action.Admin.Init=Y&AppSignonBankID=NG

https://<Domainname>/corp/BANKAWAY?Action.RMUser.Init.001=Y&AppSignonBankId=NG&AppType=corporate&CorporateSignonLangId=001

Also, to achieve this, would we need to do SSL off-loading. I believe so. Then would have to initiate back to server.

Thanks in advance.

Paul.

Labels:
0 Helpful
1 Reply 1

Surya ARBY
Level 4
Level 4

‎03-11-2011 12:17 AM

Yes SSL offload is mandatory.

You can achieve this in at least two ways :

Use L7 inspection and a reset action : http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA4_1_0/configuration/security/guide/appinsp.html#wp1283413

or use two L7 class-maps and direct the requests to a dummy / redirect server farm.

The best way to achieve this would be to generate a 403 forbidden but the ACE seems to not be able to send such a code by itself.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card