cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

952
Views
25
Helpful
10
Replies
wynneitmgr
Participant

Block URLs using ASDM

I would like to use ASDM to block my users from accessing certain websites. I am using ASDM 7.9 on ASA 5508. For instance, a url like Facebook, has multiple IP addresses. Any suggestions? Thank you.

1 ACCEPTED SOLUTION

Accepted Solutions

@wynneitmgr 

There would be cost involved in the proxies I was thinking of, such as Cisco WSA or Cisco Umbrella SWG.

View solution in original post

10 REPLIES 10
Rob Ingram
VIP Mentor

Hi @wynneitmgr 

You could try using FQDNs in the access-list, example:-

 

https://community.cisco.com/t5/security-documents/using-hostnames-dns-in-access-lists-configuration-steps-caveats/ta-p/3123480

 

....but a proper web proxy would be a better solution than doing this on the ASA.

 

 

@Rob Ingram 

So setting up a web proxy is a better way to block websites? I will try that.

@wynneitmgr Yes, much more features than an ASA. Alternatively if you were running FTD software (instead of ASA) with the URL filtering license, you'd be able to better filter traffic based on the URL, but less features than a dedicated web proxy.

@Rob Ingram 

So are you suggesting something different then just editing the Hosts file with URLs that I want to block?

I was never suggesting editing host files to block the URLs.

If you just want to block facebook, you can use any of the options suggested....however a web proxy is probably a better solution, imo.

@Rob Ingram 

Thanks for the clarification. I guess I am not familiar with setting up a web proxy. I will have to do some research on how to do that. Do you know if there is any good documentation online that I can read? Thanks!!

@wynneitmgr 

There would be cost involved in the proxies I was thinking of, such as Cisco WSA or Cisco Umbrella SWG.

View solution in original post

balaji.bandi
VIP Master

check the information help you :  ( what model of ASA , do you have IPS module ?)

 

https://community.cisco.com/t5/security-documents/asa-url-filtering-via-asdm/ta-p/3120314

 

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

@balaji.bandi 

I have an ASA 5508 with ASDM 7.9

as per the thread this was resolved i guess it was marked as solution, or any further assistance required here.

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help