Hey everyone,
Can anyone suggest a proper procedure for allowing external access through the ASA using FQDN? We are in the process of moving an internally hosted system to the cloud (external hosting) and the option of filtering via IP address is not available. I realize that ASA 8.4 has the added feature of filtering based on DNS name, but how can this be achieved in pre-8.4 ASA versions?
Thanks
Hello,
It cannot be done.
You could filter HTTP traffic locally using the header host - URI but you cannot filter based on that bud unless running 8.4(2) or higher.
Looking for some Networking Assistance?
Contact me directly at jcarvaja@laguiadelnetworking.com
I will fix your problem ASAP.
Cheers,
Julio Carvajal Segura
http://laguiadelnetworking.com
I actually found the answer here:
https://supportforums.cisco.com/thread/2159975
That's funny, Julio, you're the one who actually provided this solution.
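! Traffic to inspect: TCP port 80 (HTTP) only
access-list test permit tcp any any eq 80
! Regex names are case-sensitive; this name must match the reference below
regex GOOGLE \.google\.com
policy-map type inspect http GOOGLE
 parameters
 ! Reset and log any request whose Host header does NOT match the regex
 match not request header host regex GOOGLE
  reset log
class-map TEST
 match access-list test
policy-map global_policy
 class TEST
  inspect http GOOGLE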
I have not tested it, but Adam seemed to have marked it as his solution.
Hello,
Yeah man haha but again as I said on this post (the one you created) it will only work for HTTP access.
If that's what you are looking for, as I said: "You could filter HTTP traffic locally using the header host - URI"
That's the only option for you right now and that's what I have proposed on Adam's solution.
If you do not have any other query please mark this as answered as well.
Cheers,
Julio Carvajal Segura
http://laguiadelnetworking.com