cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

3936
Views
0
Helpful
4
Replies
MissLaura1989
Beginner

Adding URL and IP address to the Firewall

Hi,

I have Cisco ASDM 6.2 for ASA and I have been requested to add a list of URLs and IP address to the whitelist on the firewall.

I haven’t had much experience using this program so unsure of where I go to add these and I don’t want to risk changing anything that might affect the security of the firewall.

The address I need to add include:

IP address

https:// sites

http:// sites

Thanks

4 REPLIES 4
Jennifer Halim
Cisco Employee

Does the ASA have CSC module or are you trying to deny that using access-list?

If the ASA has CSC module then you would need to connect to the CSC/Trend Micro configuration section.

If you only use access-list to deny access, you can only use IP Address. The full URL needs to use REGEX to deny.

And you can't block HTTPS using URL as the URL is encrypted. HTTPS using IP Address can be blocked using access-list.

Hi Bro

I guess you've to use the regex method for now, as mentioned by Jennifer Halim above. This is because "access-list webtype" is widely used in SSLVPN. Click here for further details http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/a1.html#wp1599455

P/S: if you think this comment is useful, please do rate it nicely and select "This Question is Answered"

Warm regards,
Ramraj Sivagnanam Sivajanam
nkarthikeyan
Rising star

Hi Laura,

Either go for an CSC-SSM (Content Security and Control - Security Services Module) for URL whitelisting or regex is an open option but its quite little complicated.

By

Karthik

Hi Laura,

Also regex option works only for http.

By

Karthik

Create
Recognize Your Peers
Content for Community-Ad