Hi all,
We use filter rules on an ASA5510 firewall to direct clients to a web filtering server which generally works very well.
However lately we're finding that despite having more web filtering licenses than users, the web filtering licenses are being consumed up, mainly because of a recent increase in the rollout of ipads, iphones, androids etc.
We could deploy a proxy server in the wireless DMZ to make all the wireless devices appear to web filter as a single IP, and apply a single policy,
but that brings it's own problems.
My question is: Is there a way to hide them all behind the interface IP instead, so that all wireless devices appear to the web filter on the LAN as the wireless dmz interface IP rather than the wireless device IP?
I know this means we can only apply one web filter policy but this is an acceptable solution.
Thanks