cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
2969
Views
0
Helpful
10
Replies

ASA 5520 Series block web site

phonevilayb
Level 1
Level 1

Dear all;

Please help me to solve the problem.now,I have ASA 5520 Series and set it up already but I face a problem

when I block certain website it work but when I go to hotmail I cannot download attached files (it looks like was block  program all script)

how to solve it and also I I block MSN ,yahoo...all chat but allow skype

or could you please give me the direction:

- I want to block All Pornography Websites

- block some web site according to the schudule

- block all chat but allow Skype

thank you for your kindly

phonevilay Cisco newbie

10 Replies 10

Maykol Rojas
Cisco Employee
Cisco Employee

Hello,

You can use the following link to block certain websites,

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml

However, this is meant for small deployment, block a few sites in plain http format.

Hope it helps.

Mike

Mike

Maykol Rojas;

Thank you very much for your reply

yes I do as follow as URL that you sent to me my problem is when I use like

url you give it looks like not quite good ,it can block but if you try you will see that when you login to hotmail you cannot download attached file from the website

can you check it,

-no probplem with blocking . it is working well.

just cannot download attached files from hotmail (cannot load java script .I think)

and if possible when I block web site and it automatically redirect to new web site instead of  server reset page

thank you very much

phonevilay

Hello,

May we see the configuration?

Cheers

Mike

Mike

Maykol Rojas

thank you very much for helping me

I will try it again and sent you  the configuration

Best regards;

phonevilay

Dear Maykol Rojas

Bellow is my ASA config please hrlp me

Hello,

This is not going to happen only with hotmail, it will happen to all http sites that you need to do downloads to, if you need to do URL blocking only, I think you should use the blocking part only and eliminate the part of protocol violation.

Cheers

Mike

Mike

Hi Maykol Rojas

I really sorry to say that is true ,I cannot down load file from mail attach file only but other site I can download

hotfile.com,driver.com or even other site give download I can ,but file attachment from email I can not download

Thank you for your quick reply ,I am real time online

Best regards;

Phonevilay

Dear Maykol Rojas

I see proplem look live the same with this article please look this URL

https://supportforums.cisco.com/docs/DOC-1268

it Said that "

Charles Radke Charles Radke  says in response to ahmed yassin:

Hey Ahmed,

I couldn't figure out how to stop it from letting you save the attachment.  However, I did figure out how to block access to all attachments from hotmail (even the little picture preview thing).  Use at your own risk:

regex GET_ATTACH ".*([Gg][Ee][Tt][Aa][Tt][Tt][Aa][Cc][Hh][Mm][Ee][Nn][Tt])\.([Aa][Ss][Pp][Xx]).*"
regex SCAN_ATTACH ".*([Ss][Cc][Aa][Nn][Aa][Tt][Tt][Aa][Cc][Hh][Mm][Ee][Nn][Tt])\.([Aa][Ss][Pp][Xx]).*"
regex HOTMAIL_URL ".*([Mm][Aa][Ii][Ll])\.([Ll][Ii][Vv][Ee])\.([Cc][Oo][Mm])"

class-map type inspect http match-all HOTMAIL_SMACKDOWN
match request header host regex HOTMAIL_URL
match request uri regex SCAN_ATTACH

class-map type inspect http match-all HOTMAIL_SMACKDOWN_THE_SEQUEL
match request header host regex HOTMAIL_URL
match request uri regex GET_ATTACH

policy-map type inspect http HOTMAIL_SMACKDOWN
parameters
class HOTMAIL_SMACKDOWN_THE_SEQUEL
  drop-connection log
class HOTMAIL_SMACKDOWN
  drop-connection log

policy-map global_policy
class inspection_default
inspect http HOTMAIL_SMACKDOWN

"

but i need can save the attachment from my email

I am so sorry to disturbed many time,because I must to fix it out

thank you

Best regards;

Phonevilay

dear Maykol Rojas

I am sure that problem is from some where in confige but where ?

I can download attachment files from every web mail server but only one web mail server

I cannot save /download files attached (the mail server that problem is only HOTMAIL.com)

Best regards;

Phonevilay

I am do complete but block all website, only url in DomainBlockLisk allowed access. The problem I desire all url allowed access and url in DomainBlockLisk can not access. Please help me. Thank so much

Review Cisco Networking for a $25 gift card