Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
619
Views
0
Helpful
1
Replies

Cisco 2911 IOS Fireall configuration for HTTPS trafic block

rsjavahar
Level 3
Level 3

‎03-28-2014 02:01 AM - edited ‎03-11-2019 09:00 PM

Hi

 

I am configuring Cisco 2911 Sec-k9 router. i am able to block all the sites but not able to block Https Trafic like Facebook,youtube,some unwanted Sites. how to block them. i tried with key word blocking, but still https Sites are opening.

and i want give the full internet  access to limited  people

Router : Cisco 2911-Seck9 (no aditional licenses)

 

thanks in advance

Javahar
 

 

 

Labels:
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎03-28-2014 03:32 AM

Without any additional license or equipment, that's very hard to achieve.

The best way to solve that problem is to use an ASA-NGFW instead of the IOS-router.

If you have to stick with the router you could use Cisco Web Security (CWS) formaly known as Scansafe. But that needs also an additional license.

With only the router you could try some dirty hacks. For example you can deny all unwanted IPs (that of Facebook, Youtube ...) in an ACL. But that is very hard to manage. Or you could control the DNS-communication in a way that your DNS-server return an internal IP of your own webserver for all the unwanted domains.

 

But all in all, you are using the wrong tool for that problem.

--
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card