11-08-2013 10:43 AM - edited 03-11-2019 08:02 PM
We have users that are bypassing our webfilter using the Tor Browser. Is there anyway to block this using an ASA5540
11-08-2013 01:25 PM
I was reading about this and on websense site they talk of multiple ways to block Tor but they also mention that Tor sites registered are around 1300 so at the firewall I don't believe that regex level will help. I am going to check with CSC module that does URL filtering over HTTP/HTTPS sites.
11-08-2013 01:32 PM
I believe that CSC can block based on a comment that we have a fix for CSC function that did not drop it in the past.
11-08-2013 01:42 PM
5540 by itself cannot block Tor based on the fact that it works over HTTPS and ASA has no inspection for HTTPS, if you have a CSC module on the ASA that could drop it but it seems that you should be reaching out to websense since they should be able to block HTTPs as the firewall can do HTTPS redirects to Websense filter.
11-09-2013 09:18 PM
Do you need anything else?
Please rate our assistance.
11-12-2013 11:03 AM
Do you need anything else?
11-13-2013 12:21 PM
Please rate the assistance
11-14-2013 06:08 AM
????????????????????????
11-14-2013 02:47 PM
Hello Deneil,
Due to the nature of the application I would not think so!
Use a dedicated application filtering device for it like the CX option on the Firewall (Application aware).
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
11-17-2013 12:59 PM
Please rate the assistance so we can continue with other tickets
10-19-2014 06:50 PM
My way to block tor is this
http://nbctcp.wordpress.com/2014/10/20/blocking-tor-browser-in-cisco-asa-5505/
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: