Hi,

I'm using ASA5585 with Software Version 8.4(2) and Device Manager Version 6.4(5)

I'm having difficulties configure http inspection policy on this ASA.

My firewall mode is transparent.

My main goal here is to drop connection from user originating from interface test-inside to access outside porn website(ex: http://xvideos.com , porntube.com, etc.)

I already configure the ASA as shown below, but this ASA still didn't block the connection and the user from test-inside still can access the porn site.

Here is the log when the user from test-inside access the porn sites.

And, below is my config in ASA :

access-list inside_mpc extended permit tcp any any eq www

regex xvideos ".*xvideos.*"

regex porn-sites ".*[Pp][Oo][Rr][Nn].*"

regex xxx-sites ".*[Xx][Xx][Xx].*"

class-map httptraffic

match access-list inside_mpc

class-map type regex match-any block-sites

match regex xxx-sites

match regex xvideos

match regex porn-sites

class-map type inspect http match-all BlockURLsClass

match request uri regex class block-sites

!

!

policy-map type inspect http http_inspection_policy

parameters

  protocol-violation action drop-connection log

match request method connect

class BlockURLsClass

  reset log

policy-map inside-policy

class httptraffic

  inspect http http_inspection_policy

service-policy inside-policy interface test-inside

Please help.

Regards,

Handaya