cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

2063
Views
4
Helpful
9
Replies
Highlighted
Beginner

Cisco ASA url filtering

I have cisco ASA 5515 and it is working fine. Now i want to enable url filtering so that i can filter websites like facebook, youtube, torrents and so on. I don't have the url filtering licence and as per the cisco document it says we don't need url filtering license for that. So in what way i can block them? 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Hi,

Yes surely, please check this link:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100535-asa-8x-regex-config.html

Regards,

Aditya

Please rate helpful posts and mark correct answers.

View solution in original post

9 REPLIES 9
Highlighted
Cisco Employee

Hi Diwakar,

You can check this document:

https://supportforums.cisco.com/document/7201/asa-url-filtering-without-websense-or-n2h2smartfilter-server

Regards,

Aditya

Please rate helpful posts.

Highlighted

Hi Aditya,

Thank you for your input. Can the same thing be done from  the ASDM? 

Highlighted

Hi,

Yes surely, please check this link:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100535-asa-8x-regex-config.html

Regards,

Aditya

Please rate helpful posts and mark correct answers.

View solution in original post

Highlighted

Hi Aditya,

Actually, i tried using the ASDM and there i could not find the object and Regular expression under firewall . 

I am using ASA 9.2(2) and ASA version 7.2

Highlighted

Hi,

Check the screenshot attached.

Regards,

Aditya

Highlighted

Hello there,

Thank you very much. It was there the whole time and i couldn't see that. My bad. I will look into the document and do accordingly and update here asap.

Highlighted

No issues, gald to assist you.

Feel free to post in case of any queries.

Regards,

Aditya

Highlighted

Hi Aditya, 

I used the above method as the document said but i couldn't block the url. I restarted the ASA but again it didn't work. What could be the reason. Can the url filtering be done using  SFR module on the ASA? Do we need license for this? 

Highlighted

Yes, you can use the Sourcefire module for this also. Doing that will allow a much higher level of granularity to your filtering. 

For example, you can filter by certain users and allow certain sites just for certain users. We currently use it and it is a much better solution than the CSC was. That was not a good solution by Cisco.

Of course with this type of module, there is a cost for the licensing. It is not a per user or anything, just a cost for the module. 

Also, if you have VMWare, the management appliance comes in a OVA form.

Content for Community-Ad