Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1720
Views
0
Helpful
1
Replies

Allow HTTP POST

pratikmehta1
Level 1
Level 1

‎06-17-2012 06:35 PM - edited ‎03-11-2019 04:20 PM

I have a cisco asa running 6.3

  I would like to allow HTTP POST method from specific IP range to a specific server.

all other IP addresses should only be allowed normal HTTP access to webserver.

   I tried to write up the policy map but getting a bit confused if the below if correct.

Please advice.

access-list POST_ACL extended permit tcp 10.10.10.0 255.255.248.0 172.16.0.1 eq 80

class-map POST_ACL

match access-list POST_ACL

class-map type inspect http match-all POST_METHOD

match request method post

policy-map type inspect http POST_POLICY_ACTION

parameters

class POST_METHOD

  drop-connection

policy-map POST_TRAFFIC

class

  inspect http POST_POLICY_ACTION

Labels:
0 Helpful
1 Reply 1

pratikmehta1
Level 1
Level 1

‎06-17-2012 09:16 PM

I think if I change the access-list to deny that would rather work?

access-list POST_ACL extended deny tcp 10.10.10.0 255.255.248.0 172.16.0.1 eq 80

class-map POST_ACL

match access-list POST_ACL

class-map type inspect http match-all POST_METHOD

match request method post

policy-map type inspect http POST_POLICY_ACTION

parameters

class POST_METHOD

  drop-connection

policy-map POST_TRAFFIC

class

  inspect http POST_POLICY_ACTION

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card