cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1500
Views
10
Helpful
1
Replies
hoaithanhdo
Beginner

allow/deny to specifics url

Hello, 

I am using cisco asa 5520 , My manager want to connect https://*.windowsupdate.microsoft.com

I would like to know that this asa can be configured for this goal or not ? 

if it's ok, could you please share to me the best solution . 

Many thanks !

 

1 ACCEPTED SOLUTION

Accepted Solutions
Rob Ingram
VIP Expert

@hoaithanhdo if using an ASA you could use an FQDN object, this relies on DNS.

 

More information:

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/216553-understand-the-working-of-dns-on-asa-whe.html

 

Ideally you should look to upgrade to FTD (or another NGFW), windows update is an application you can select in the firewall policy....amongst other more advanced features that the ASA does not support.

 

View solution in original post

1 REPLY 1
Rob Ingram
VIP Expert

@hoaithanhdo if using an ASA you could use an FQDN object, this relies on DNS.

 

More information:

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/216553-understand-the-working-of-dns-on-asa-whe.html

 

Ideally you should look to upgrade to FTD (or another NGFW), windows update is an application you can select in the firewall policy....amongst other more advanced features that the ASA does not support.

 

Create
Recognize Your Peers
Content for Community-Ad