ASA Firepower URL and App filtering is not working.

Lost & Found · ‎03-01-2016

Hi Sir's,

I Made a new app filtering policy and URL Filtering on Cisco firepower blocking all social networking site and torrent but still I can access and download.

Upon checking the ACP is using the access rule default action and not the one i created.

Details

i got software ver 5.3.1 and using ASA 5512 ver 9.4(1)

pls see the attached photo.

Hope you could give some ideas

thanks

Dennis Perto · ‎03-09-2016

Hi

I would highly recommend that you upgrade to the latest 5.4 software on both the Firepower sensor, and on the Firesight manager.

Please check that your Source Zone and Destination Zone points at "inside" and "outside2" interfaces, and that URL filtering is enabled under System -> Local -> Configuration -> Cloud Services.

Lost & Found · ‎03-09-2016

Hi Dennisperto,

Thank you for the info. I already upgraded my software to 5.4.1 but still the same.

Also I verified the zone and local configuration (URL FIL ENABLED).

I created and applied a new policy but the result is all of my workstation can't ping and access the internet even though I permit sites like google. etc.

Thank you

Dennis Perto · ‎03-09-2016

Please share a photo of the connection events that are not working. :)

Lost & Found · ‎03-10-2016

sample of access policy on events

Dennis Perto · ‎03-10-2016

I think that you will need to make a TAC case for this issue.
It seems like you are doing everything correct.

Lost & Found · ‎03-15-2016

Thanks for the info. ill just contch tac support.