Cisco Router and Websesne

raosrinivas · ‎12-31-2010

Not Sure if this is the right place to post this... I have been trying to integrate the my cisco 1841 router with my websense server.

I have been fairly succesful at it whereby the "http" request are getting looked up for in the Websense Server before being permitted/denied.

Needed to know whether the same can also be setup for "https" request. I know the ASA can accomplish the same along with websense, but not sure about the Router being able to do that. I have so far failed to achieve it.

Any help would be appreciated.

Thanks,

Nicolas Darchis · ‎01-03-2011

You're in the wireless security and management section, so I would advise moving your question for best results ;-)

raosrinivas · ‎01-10-2011

Can somebody provide some guidance on the same...Awaiting some reference... stuck on the https front....

hegleran · ‎01-10-2011

Websense should do URL rediredtion both http and https requests. I'm using Websense integrated with both ISRs and PIX firewalls. The easiest way to tell is from your log server, stop the logging process, then from a command line navigate to /program files/websense/bin and run the command

'testlogserver -onlyip a.b.c.d' where a.b.c.d is the IP of your test client. Then from that client go to an https page and see if the url is logged at the log server.

raosrinivas · ‎01-10-2011

Thanks for the response. I have come across the following documentation on the Cisco Website

http://www.cisco.com/en/US/docs/ios/sec_data_plane/configuration/guide/sec_fwall_websense.html#wp1027175

It mentions about the "Restrictions for Firewall Websense URL Filtering" where in states the following:

•Only HTTP filtering is supported. (HTTPS and FTP filtering are not supported.)

Not sure if it is IOS specific. The one I am using in my setup is 12.4 (21).

Could you share your config for the ISR specifically for the https filtering.

Thanks,

hegleran · ‎01-11-2011

on the ISR platform:

ip urlfilter source-interface GigabitEthernet0/0
ip urlfilter allow-mode on
ip urlfilter urlf-server-log
ip urlfilter truncate script
ip urlfilter truncate hostname
ip urlfilter server vendor websense a.b.c.d

On our PIX platform we have the ability to define what protocols are filtered, http, https etc. While even though in the PIX config we only define http, we seem to filter https as well.

hegleran · ‎01-11-2011

Looks like I may have jumped the gun on my response. My ISR sites are only filtering http. So, I

apologize for any misleading information.

raosrinivas · ‎01-11-2011

Only http filtering hardly makes it of much use. Users will easily get to work around it. Best example would be for a user having gmail access blocked, can easily use the https page for logging in.....

Not sure if its embedded in the new IOS train that Cisco has come out with. Will have a check and revert if any thing interesting.

Thanks for your help.

ramcm.rr · ‎01-16-2011

Hi Srinivas,

Did you find if any Router/IOS supports it?

raosrinivas · ‎01-19-2011

Nothing so far... Have loaded the 15.1 IOS but even that is not having the https urlfilter command. Trying to workout an alternative.

Will post if able to hit something interesting.

Thanks,