cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1869
Views
10
Helpful
1
Replies

allow/deny to specifics url

hoaithanhdo
Level 1
Level 1

Hello, 

I am using cisco asa 5520 , My manager want to connect https://*.windowsupdate.microsoft.com

I would like to know that this asa can be configured for this goal or not ? 

if it's ok, could you please share to me the best solution . 

Many thanks !

 

1 Accepted Solution

Accepted Solutions

@hoaithanhdo if using an ASA you could use an FQDN object, this relies on DNS.

 

More information:

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/216553-understand-the-working-of-dns-on-asa-whe.html

 

Ideally you should look to upgrade to FTD (or another NGFW), windows update is an application you can select in the firewall policy....amongst other more advanced features that the ASA does not support.

 

View solution in original post

1 Reply 1

@hoaithanhdo if using an ASA you could use an FQDN object, this relies on DNS.

 

More information:

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/216553-understand-the-working-of-dns-on-asa-whe.html

 

Ideally you should look to upgrade to FTD (or another NGFW), windows update is an application you can select in the firewall policy....amongst other more advanced features that the ASA does not support.

 

Review Cisco Networking for a $25 gift card