08-20-2018 09:58 AM
Hi,
I am currently facing an issue, in which a user from a region in Africa is trying to access a website, the website is only accessible to users in that particular country and cannot be accessed outside the country.
The users Anyconnect makes use of the CWS clouds webfiltering, after troubleshooting, it was seen that there is no CWS tower for that particular country hence the user is unable to access the website
Is it possible to exclude an IP address of the website from the CWS, so the request to access the website does not go through the CWS.
I read that this could be done through the "Cloud Bypass" Option, but it only states that it applies to the ISR devices. And the device in question for me is the Cisco ASA.
08-20-2018 02:48 PM
First you need to find out which connector is used. It could be AnyConnect or the ASA. That is not clear with your description.
08-27-2018 11:37 AM
Thank you for the Response, it is an ASA connector.
I see on the Cisco cloud web security web app, there is a "cloud bypass" option.
Can adding the destination IP to the cloud bypass cause the exemption ?
08-27-2018 01:48 PM
As far as I remember is the Cloud Bypass only for the router-connector. But try it, perhaps it works also on thy ASA, but I don't think so ...
09-17-2018 05:38 AM
the acl used that maps the class map can have a deny entry first for addresses you want to bypass.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide