07-13-2016 02:50 PM - edited 03-10-2019 06:38 AM
I have a 5506-X with Firepower. The version is 6.0.1.1(24) and managed with ASDM. I had the Access control policy working for URL and Application filtering and it was working fine. Both of these rules in the Policy were block rules. When I tried to add another rule and apply a file policy to deny .MP4 files, it did not appear to work. After trying all kinds of variations, orders, and settings, I decided to disable the URL and Application rules from the policy and only have a single rule for the file blocking. The rule itself is an Allow rule but the file policy that is referenced blocks .MP4 file extensions and it does not work and does appear that it is getting triggered by the Firepower monitoring via ASDM. Originally in the file policy I had any protocol, any direction, but have also tried HTTP and FTP for the protocol and download for the direction and it still does not work. I am beginning to wonder if this function is supported on the 5506.
Any help appreciated.
07-13-2016 07:51 PM
Hi, file blocking does work and if the right policies are configured, then transfer of MP4 files should be blocked.
Did the URL rules work when they were there? Trying to verify if the traffic is passing through the Firepower module or not.
You can use the CLI debug to see which rule the traffic hits.
>system support firewall-engine-debug
Enter the source or destination IP and check the output.
Rate if helps,
Yogesh
07-13-2016 09:42 PM
Hello Team,
FTP and HTTP file transfer will be blocked without any errors if the Firepower detects that specific traffic. We have tested this several times in our lab and it has become successful for all the customers. Thus, please make sure that the traffic is passing through the Firepower itself. Also verify the configuration part once again using the following link:
http://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepower-module-user-guide-v541/AMP-Config.html
Rate if the post helps you.
Regards
Jetsy