Access Control Policy - Block Response Page

Prior to implementing blocking (FirePower ASA currently set in passive mode), I need to provide a custom block page. Ideally this would include a company logo and some text indicating why the page was blocked. The documentation is somewhat light on the how of doing this (FireSIGHT System User Guide Version 5-3-1, chapter "Managing Access Control Policies").

Questions:

- How to include a logo file (if possible).

- Is there a URL on the Firesight Appliance (or elsewhere) to test the Block Response Page or Interactive Block Response Page?

---------------------------------

Sourcefire Virtual Defense Center (64-bit) version 5.3.1

ASA 5525X's running Firepower 5.3.1

1 ACCEPTED SOLUTION

There is nothing in the Defense Center to test the response. I would just add an access control rule like (src ip: my IP, application:cnn.com) so you can test it from your workstation. 

 

The HTTP Response page is just HTML. There's no GUI or way to upload an image but you really don't need that. 

If you're just blocking (not interactive block) you can always just use an HTML redirect to send somebody to an existing page. If your legal team already has a page with all this language you can just redirect there.

Otherwise just enter the HTML code yourself. 

  1. Edit your Access Control Policy.
  2. Click the HTTP Responses page.
  3. From the drop-down for Block Response Page or Interactive Block Response Page select Custom.
  4. Enter your HTML

If you want to include your logo all you need is a line like:

<img src="http://mycompany.com/logo.jpg">

Just head over to your company's home page and copy the URL of a logo there to use in code like this. 

Or include text like this:

<h1>Access Denied</h1>
<p>
<strong>You are attempting to access a forbidden site.</strong></p><br/><br/>
<p>Not judging or anything. Maybe just not at work, okay? Consult your system administrator for details.</p>
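
A complete custom response page along the lines of the answer above, as an added example that is not part of the original post or of Cisco's documentation. The logo URL and helpdesk address are placeholders, and the script assumes the block page is served in place of the requested page, so the browser's address still holds the blocked URL; it cannot show the category, but it gives the user something to report that an administrator can look up under Connection Events.

```html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Access Denied</title>
<style>
  body { font-family: Arial, sans-serif; margin: 3em auto; max-width: 40em; color: #222; }
  img.logo { max-height: 60px; }
  dl { background: #f4f4f4; padding: 1em; }
  dt { font-weight: bold; }
  dd { margin: 0 0 .5em 0; word-break: break-all; }
</style>
</head>
<body>
<!-- Placeholder logo URL: point this at an image your own site already serves. -->
<img class="logo" src="https://www.example.com/logo.png" alt="Example Corp">
<h1>Access Denied</h1>
<p><strong>This site is blocked by company policy.</strong></p>
<!-- Placeholder contact address: replace with your own helpdesk. -->
<p>If you need it for work, send the details below to
   <a href="mailto:helpdesk@example.com">helpdesk@example.com</a>.</p>
<dl>
  <dt>Requested URL</dt><dd id="blocked-url">(not available)</dd>
  <dt>Time of request</dt><dd id="blocked-time">(not available)</dd>
</dl>
<script>
  // Assumption: this page is returned in place of the blocked page, so
  // window.location is still the URL the user asked for.
  // Use textContent, never innerHTML: the URL is chosen by whoever built the
  // link, and it must be rendered as plain text, not parsed as markup.
  document.getElementById("blocked-url").textContent = window.location.href;
  // ISO 8601 UTC timestamp, easy to match against connection event times.
  document.getElementById("blocked-time").textContent = new Date().toISOString();
</script>
</body>
</html>
```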

17 REPLIES 17

Hi,

Is it possible to include some info on the block reason to the end user in this block page template, like "blocked because of category XXX", "bad reputation", ...?

Thanks

Beginner

No, there isn't, sorry.

Beginner

Have there been any updates that would allow this now? I'm in the same scenario where we would like the client to see why they are getting blocked. And which category was causing the block, so we can easily identify what we, as admins, need to tweak.

 

Thanks,

Hall of Fame Guru

You can't make it display in the page shown to the end user.

However, if you look in your FireSIGHT Management Center under Analysis, Connection Events, the URL Category for all connections is displayed there.

A simple search (i.e., Action = Blocked and Initiator User = username of end user with the issue) would quickly show the problematic URL and category.

Beginner

I am also in the group that would love this feature.  Our last web filter had it, and users are starting to get annoyed by not knowing why some things are blocked, creating more helpdesk tickets etc.

It should be a variable that can be inserted into the custom HTML code in the HTTP response page.

Beginner

Add me to the group that would like this feature.

Beginner

Perhaps until the feature is added you could include the BrightCloud URL in the response, so the user can perform their own URL test to see what category they triggered.

Beginner

Ohhh, so HTTPS doesn't display that interactive block??! That sucks, I thought I had something misconfigured. That needs to be added; most pages nowadays are HTTPS.

Beginner

+1 more for me to that group. 

Enthusiast

Hi Team,

We need this feature to ensure that the firewall administrator doesn't always need to check the logs available in FireSIGHT. Also, in the case of users in remote locations with access to business websites who are not that tech-savvy, the category information will definitely be useful.

Is it part of the roadmap to provide the feature?

Cisco Employee

Hello Team,

If you need to add this as a feature, please contact your accounts team to open a new enhancement request to add it in upcoming versions. The accounts team can open an enhancement request and work with the Sourcefire Dev team to get this done.

Rate if this post helps you.

Regards

Jetsy 

Beginner

Add me to this feature, for me I like.

Beginner

Not specific reason, just a generic response, and who to contact if the user needs resolution.