Try creating a rule at the

EckoForce_1 · ‎10-27-2016

All traffic going through the ASA is uncategorized.

How does it become categorized?

License Info

Malware Valid License 1 2019-07-16 08:22:42

Protection Control Valid License 1 Never

URL Filtering Valid License 1 2019-07-16 08:22:42

System Info

Model ASA5516

Serial Number XXXXX

Software Version 6.1.0 (build 330)

OS Cisco Fire Linux OS 6.1.0 (build37)

Snort Version 2.9.9 GRE (Build 52)

Rule Update Version 2016-10-25-001-vrt

Rulepack Version 1791

Module Pack Version 2062

Geolocation Update Version 2016-08-03-001

VDB Version build 271 ( 2016-07-13 19:21:54 )

The ASA is in Transparent mode.

Any ideas?

michaellperrin · ‎10-27-2016

Try creating a rule at the top of your access policy for all URL categories and set the action to monitor.

EckoForce_1 · ‎10-28-2016

That didn't work. All the traffic is still not categorized

I attached the rule that I placed at the top of Access Control Policy

I went to HTTP and HTTPS pages......it viewed cisco, bing, live etc.....all as uncategorized.

michaellperrin · ‎10-28-2016

You have to add URL categories to the catch all policy.

EckoForce_1 · ‎10-31-2016

So I had to select a reputation to get it look the above.....I made one and tested it failed and then made two each selected all the reputations. Still all traffic uncategorized.

See attached

michaellperrin · ‎10-31-2016

Do you have the URL filtering turned on? Also when was the last time it was updated?

System--> Integration

Also just to make sure. When you added the monitor rules did you deploy the change to the sensor?

EckoForce_1 · ‎10-31-2016

Url filtering is enabled and I updated it last week from Cisco.com because the ASA is not on the internet. Its in transparent mode and traffic flows through it to a proxy server like connection.

I get that it should be online for unknown obscure urls but it cant even categorize cisco.com....

kiki.marconio · ‎10-28-2016

I have this problem, too. and I don't know what to check?

K.

ashkit2016 · ‎11-11-2016

I have similar issue. I found it sometimes work properly, but sometimes become "Uncategorized".

Here is some observations that make it work properly.

1. After I made changes on a monitor rule which have URLs setting, and deployed the changes, the URL Category can be showed properly.

2. A few days later, I found the URL Category showing uncategorized again.

3. I rebooted the FirePower, and the URL Category works again.

I am still observation how many days after will become uncategorized, and I am searching for solution too.

Oliver Kaiser · ‎11-11-2016

There is a bug in 6.1 that is causing url filtering categorization to fail. I have had this issue with FTD 6.1.0.333 on FP 9300 and according to CSCvb63250 it should only affect 4100/9300 but I am not so sure about that since the bug description isnt totally correct in my opinion.

Try contacting TAC, a hotfix (atleast for 9300) exists for this issue.

ASA FirePOWER All Traffic Uncategorized