Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
2975
Views
0
Helpful
10
Replies

ASA 5520 Series block web site

phonevilayb
Level 1
Level 1

ā€Ž12-05-2010 05:54 PM - edited ā€Ž03-11-2019 12:18 PM

Dear all;

Please help me to solve the problem.now,I have ASA 5520 Series and set it up already but I face a problem

when I block certain website it work but when I go to hotmail I cannot download attached files (it looks like was block  program all script)

how to solve it and also I I block MSN ,yahoo...all chat but allow skype

or could you please give me the direction:

- I want to block All Pornography Websites

- block some web site according to the schudule

- block all chat but allow Skype

thank you for your kindly

phonevilay Cisco newbie

Labels:
0 Helpful
10 Replies 10

Maykol Rojas
Cisco Employee
Cisco Employee

ā€Ž12-06-2010 07:55 AM

Hello,

You can use the following link to block certain websites,

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml

However, this is meant for small deployment, block a few sites in plain http format.

Hope it helps.

Mike

Mike
0 Helpful

phonevilayb
Level 1
Level 1
In response to Maykol Rojas

ā€Ž12-07-2010 01:21 AM

Maykol Rojas;

Thank you very much for your reply

yes I do as follow as URL that you sent to me my problem is when I use like

url you give it looks like not quite good ,it can block but if you try you will see that when you login to hotmail you cannot download attached file from the website

can you check it,

-no probplem with blocking . it is working well.

just cannot download attached files from hotmail (cannot load java script .I think)

and if possible when I block web site and it automatically redirect to new web site instead of  server reset page

thank you very much

phonevilay

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to phonevilayb

ā€Ž12-07-2010 05:03 AM

Hello,

May we see the configuration?

Cheers

Mike

Mike
0 Helpful

phonevilayb
Level 1
Level 1
In response to Maykol Rojas

ā€Ž12-07-2010 06:38 PM

Maykol Rojas

thank you very much for helping me

I will try it again and sent you  the configuration

Best regards;

phonevilay

0 Helpful

phonevilayb
Level 1
Level 1
In response to phonevilayb

ā€Ž12-07-2010 08:39 PM

Dear Maykol Rojas

Bellow is my ASA config please hrlp me

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to phonevilayb

ā€Ž12-07-2010 09:22 PM

Hello,

This is not going to happen only with hotmail, it will happen to all http sites that you need to do downloads to, if you need to do URL blocking only, I think you should use the blocking part only and eliminate the part of protocol violation.

Cheers

Mike

Mike
0 Helpful

phonevilayb
Level 1
Level 1
In response to Maykol Rojas

ā€Ž12-07-2010 10:45 PM

Hi Maykol Rojas

I really sorry to say that is true ,I cannot down load file from mail attach file only but other site I can download

hotfile.com,driver.com or even other site give download I can ,but file attachment from email I can not download

Thank you for your quick reply ,I am real time online

Best regards;

Phonevilay

0 Helpful

phonevilayb
Level 1
Level 1
In response to phonevilayb

ā€Ž12-07-2010 11:09 PM

Dear Maykol Rojas

I see proplem look live the same with this article please look this URL

https://supportforums.cisco.com/docs/DOC-1268

it Said that "

Aug 9, 2010 7:31 PM

Charles Radke Charles Radke  says in response to ahmed yassin:

Hey Ahmed,

I couldn't figure out how to stop it from letting you save the attachment.  However, I did figure out how to block access to all attachments from hotmail (even the little picture preview thing).  Use at your own risk:

regex GET_ATTACH ".*([Gg][Ee][Tt][Aa][Tt][Tt][Aa][Cc][Hh][Mm][Ee][Nn][Tt])\.([Aa][Ss][Pp][Xx]).*"
regex SCAN_ATTACH ".*([Ss][Cc][Aa][Nn][Aa][Tt][Tt][Aa][Cc][Hh][Mm][Ee][Nn][Tt])\.([Aa][Ss][Pp][Xx]).*"
regex HOTMAIL_URL ".*([Mm][Aa][Ii][Ll])\.([Ll][Ii][Vv][Ee])\.([Cc][Oo][Mm])"

class-map type inspect http match-all HOTMAIL_SMACKDOWN
match request header host regex HOTMAIL_URL
match request uri regex SCAN_ATTACH

class-map type inspect http match-all HOTMAIL_SMACKDOWN_THE_SEQUEL
match request header host regex HOTMAIL_URL
match request uri regex GET_ATTACH

policy-map type inspect http HOTMAIL_SMACKDOWN
parameters
class HOTMAIL_SMACKDOWN_THE_SEQUEL
  drop-connection log
class HOTMAIL_SMACKDOWN
  drop-connection log

policy-map global_policy
class inspection_default
inspect http HOTMAIL_SMACKDOWN

"

but i need can save the attachment from my email

I am so sorry to disturbed many time,because I must to fix it out

thank you

Best regards;

Phonevilay

0 Helpful

phonevilayb
Level 1
Level 1
In response to phonevilayb

ā€Ž12-08-2010 01:48 AM

dear Maykol Rojas

I am sure that problem is from some where in confige but where ?

I can download attachment files from every web mail server but only one web mail server

I cannot save /download files attached (the mail server that problem is only HOTMAIL.com)

Best regards;

Phonevilay

0 Helpful

vanhai08
Level 1
Level 1
In response to Maykol Rojas

ā€Ž03-20-2017 02:41 AM

I am do complete but block all website, only url in DomainBlockLisk allowed access. The problem I desire all url allowed access and url in DomainBlockLisk can not access. Please help me. Thank so much

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card