Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
512
Views
0
Helpful
1
Replies

Cisco FTD 1010 how to use FDM with HTTP Response Page for Blocked URLs

timr1
Level 1
Level 1

‎09-25-2022 01:42 PM

Seeking insight for activating the generic HTTP Response Page (Access Denied) for the Cisco FTD 1010 utilizing Firepower Device Manager v7.1.0.  For ACL Policies that are Blocked utilizing URL Categories, within the policy editor, I do not see the option or icon - HTTP Responses.  What am I visually missing, or misunderstanding?

Thanks in advance,

G

0 Helpful
1 Reply 1

betliu
Cisco Employee
Cisco Employee

‎10-09-2022 12:37 AM

There is a system response page that will show for web sites blocked by URL filtering rules. However, on FDM, there is no option to customize this response page.

You will be able to see the block response page only if you have blocked a particular http website
So, If you have blocked any particular website using FDM you will be able to see the block response page in the browser.

Here is some more info regarding the same-
When you block web sites with URL filtering rules, what the user sees differs based on whether the site is encrypted.

HTTP connections—: The user sees a system default block response page instead of the normal browser page for timed out or reset connections. This page should make it clear that you blocked the connection on purpose.

HTTPS (encrypted) connections—: The user does not see the system default block response page. Instead, the user sees the browser’s default page for a secure connection failure. The error message does not indicate the site was blocked due to policy. Instead, errors might indicate that there are no common encryption algorithms. It will not be obvious from this message that you blocked the connection on purpose.

Please refer to the documentation on this feature:
https://www.cisco.com/c/en/us/td/docs/security/firepower/70/fdm/fptd-fdm-config-guide-700/fptd-fdm-access.html#id_40051

Unfortunately, this option is limitation for local manger FDM. It can only be modified on devices managed by FMC.

Hope this answers your query

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card