Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1256
Views
0
Helpful
3
Replies

ASA 5505 Url Filtering

Annibale Uberti Foppa
Level 1
Level 1

‎03-08-2011 07:19 AM - edited ‎03-11-2019 01:02 PM

Hi at all and sorry for my bad english...

I have a problem configuring url filtering on ASA 5505 rel 8.3.1: I have to block the web navigation to facebook and, with my configuration, it works fine.

The problem is when I try to access on other sites where there are a links to facebook, I cannot see that site and not only the button of facebook.

I hope that I explain it well, here is my configuration, thanks at all!!!

Hubert7

regex urllist1 ".*\.([Ee][Xx][Ee]|[Cc][Oo][Mm]|[Bb][Aa][Tt]) HTTP/1.[01]"

regex urllist2 ".*\.([Pp][Ii][Ff]|[Vv][Bb][Ss]|[Ww][Ss][Hh]) HTTP/1.[01]"

regex urllist3 ".*\.([Dd][Oo][Cc]|[Xx][Ll][Ss]|[Pp][Pp][Tt]) HTTP/1.[01]"

regex urllist4 ".*\.([Zz][Ii][Pp]|[Tt][Aa][Rr]|[Tt][Gg][Zz]) HTTP/1.[01]"

regex domainlist1 "\.facebook\.it"

regex domainlist2 "\.facebook\.*"

regex domainlist3 "*\.facebook\.*"

regex contenttype "Content-Type"

regex applicationheader "application/.*"

access-list inside_mpc extended permit tcp any any eq www

access-list inside_mpc extended permit tcp any any eq 8080

class-map type regex match-any DomainBlockList

match regex domainlist1

match regex domainlist2

match regex domainlist3

class-map type inspect http match-all BlockDomainsClass

match request header host regex class DomainBlockList

class-map type regex match-any URLBlockList

match regex urllist1

match regex urllist2

match regex urllist3

match regex urllist4

class-map type inspect http match-all AppHeaderClass

match response header regex contenttype regex applicationheader

class-map httptraffic

match access-list inside_mpc

class-map type inspect http match-all BlockURLsClass

match request uri regex class URLBlockList

policy-map type inspect http http_inspection_policy

parameters

  protocol-violation action drop-connection

class AppHeaderClass

drop-connection log

match request method connect

  drop-connection log

class BlockDomainsClass

  reset log

class BlockURLsClass

  reset log

policy-map inside-policy

class httptraffic

  inspect http http_inspection_policy

service-policy inside-policy interface inside

Labels:
0 Helpful
3 Replies 3

PAUL GILBERT ARIAS
Level 5
Level 5

‎03-08-2011 01:11 PM

I am not sure if there is a workaround to that issue since this type of filtering is basic. For better results you should be looking at a solution that looks into the content of the website. I know websense is able to block just the denied content and display the rest. I think the CSC-SSM is able to do that.

I hope this helps.

0 Helpful

Annibale Uberti Foppa
Level 1
Level 1
In response to PAUL GILBERT ARIAS

‎03-09-2011 09:26 AM

Thank you Paul

0 Helpful

PAUL GILBERT ARIAS
Level 5
Level 5
In response to Annibale Uberti Foppa

‎03-09-2011 10:23 AM

if things are fine please mark the question as answered.

Have a good one.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card