07-13-2012 12:38 PM - edited 03-11-2019 04:30 PM
I need to allow a specific hostname through my firewall. I found this article: https://supportforums.cisco.com/docs/DOC-17014
But it's only for 8.4 updated ASAs and above.
Doing more research, I found this article: http://www.handbook.dk/block-domains-on-a-cisco-asa-152.htm
And have been trying to reverse engineer it. Am I on the right track?
Thanks in advance.
07-13-2012 01:58 PM
Hello Adam,
Here is the configuration you need:
access-list test extended permit tcp any any eq 80
! regex names are case sensitive: the same name must be used below
regex google "\.google\.com"
!
policy-map type inspect http GOOGLE
 parameters
 ! reset (and log) any HTTP request whose Host header does NOT match the regex
 match not request header host regex google
  reset log
!
class-map TEST
 match access-list test
!
policy-map global_policy
 class TEST
  inspect http GOOGLE
! global_policy is normally already applied with: service-policy global_policy global
Regards
CSC is a free support community; take your time to rate all the engineers' responses that help you resolve your problems.
Julio
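As an added illustration that is not part of the thread, the Python below emulates how the "match not request header host regex" plus "reset log" pair above decides each request from its Host header, using the thread's regex next to an anchored variant; the hostnames are constructed samples, the function names are mine, and the emulation assumes the inspector compares the lowercased Host value.

```python
import re

# Regex from the thread (unanchored) and an anchored variant; both use only
# metacharacters ( ^ $ ( ) [ ] * + ? \. ) that the ASA regex syntax also accepts.
THREAD_REGEX = r"\.google\.com"
ANCHORED_REGEX = r"^([a-z0-9-]+\.)*google\.com(:[0-9]+)?$"


def policy_action(host_header: str, pattern: str) -> str:
    """Emulate 'match not request header host regex <name>' with 'reset log':
    a request whose Host header does NOT match the pattern is reset;
    any other request is passed on. Lowercasing is an assumption of this emulator."""
    host = host_header.strip().lower()
    return "pass" if re.search(pattern, host) else "reset"


# Constructed sample Host headers (not taken from the thread).
SAMPLE_HOSTS = [
    "www.google.com",
    "mail.google.com:443",
    "google.com",                 # bare apex: no leading dot for the thread regex
    "www.google.com.example.net", # unanchored regex still finds ".google.com"
    "notgoogle.com",
    "example.org",
]


def evaluate(pattern: str) -> dict:
    """Map every sample Host header to the action the policy would take."""
    return {h: policy_action(h, pattern) for h in SAMPLE_HOSTS}


if __name__ == "__main__":
    for name, pat in (("thread", THREAD_REGEX), ("anchored", ANCHORED_REGEX)):
        print(f"{name}: {pat}")
        for host, action in evaluate(pat).items():
            print(f"  {host:32} -> {action}")
```

The comparison shows why anchoring matters for an allow-list: the unanchored pattern resets the bare apex yet passes a longer name that merely contains ".google.com", while the anchored form passes only google.com and its subdomains (with an optional port).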
07-13-2012 12:55 PM
Hello Adam,
Well it's completely different.
On 8.4.2 you will be able to use FQDN on an ACL; the second option is to use deep packet inspection (from layer 4 to 7) in order to match an HTTP request and drop the traffic, as in the example shown there.
If you want to use FQDN on ACLs then the only solution would be to upgrade to 8.4.2.
If what you are looking for is a way to deny or allow traffic based on domain name then the layer 7 inspection should do it.
Regards,
Julio
Rate all the helpful posts!
07-13-2012 01:24 PM
Do you have a sample config of how I would set the layer 7 inspection up?
Thanks for responding quickly.