Blocking Website on ASA

anthony.dyne · ‎02-18-2012

Hi

I got ASA 5510 and need to block traffic to youtube and facebook for some users, can we do this on ASA.

Doing some research I found that its doable if you got Microsoft ISA or Bluecoat Proxy

thanks

Anthony

Dan-Ciprian Cicioiu · ‎02-19-2012

Hi Anthony,

Yes you can, using inspection rules on http.

Have a look at this document :

Dan

saquib.tandel · ‎02-19-2012

Hello DAN, Anthony

I got Two subnets ( or say two vlans ) ; can I block url for one Subnet and allow for other subnet.

Setup goes like this...

ASA-----------------3560--------------2960_switches

On 3560

vlan 5

users

vlan 6

executive

interface vlan 5

ip address 10.1.1.1 255.255.255.0

interface vlan 6

ip address 10.1.2.1 255.255.255.0

ip route 0.0.0.0 0.0.0.0 192.168.1.100 (( 192.168.1.100 - firewall inside IP ))

cheers

Saquib

Marvin Rhoads · ‎02-19-2012

I think you can. When you create the service policy rule, choose only the source network(s) you want to apply the rule to.

Here is the screen is ASDM that you would select that:

saquib.tandel · ‎02-19-2012

thanks marvin ; i will test this option

cheers

Saquib