Cisco ISA firewall

Ccryshna1
Level 1

How to block a specific IP address from using Facebook and YouTube on a Cisco ISA 500 series firewall?

Please answer step by step, I am new to this!

1 Accepted Solution


julomban
Level 3

Krishna,

You can try the following:

!-----------/ Begin Output /-----------!
! Regex applied to the HTTP Host header
regex domainlist1 "\.facebook\.com"
! ACL that selects which HTTP traffic is inspected:
! deny = exempt from inspection, permit = inspected
access-list inside_mpc extended deny tcp host 10.10.10.10 any eq www
access-list inside_mpc extended permit tcp any any eq www
class-map type regex match-any DomainBlockList
 match regex domainlist1
class-map type inspect http match-all BlockDomainsClass
 match request header host regex class DomainBlockList
class-map httptraffic
 match access-list inside_mpc
! HTTP inspection policy: reset and log requests whose Host header matches
policy-map type inspect http http_inspection_policy_blockdomains
 parameters
  protocol-violation action drop-connection
 class BlockDomainsClass
  reset log
policy-map global_policy
 class httptraffic
  inspect http http_inspection_policy_blockdomains
!------------/ End Output /------------!

The access-list lines in bold are to exclude host 10.10.10.10 (example) from being inspected by the regex; everything else will be blocked by the ASA from accessing Facebook.

Hope it helps,

Juan Lombana

Please rate helpful posts.
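To check what the configuration above actually resets before deploying it, here is an added Python model of its decision logic (not part of the original post and not Cisco code). The function names and sample requests are constructed for illustration, and it assumes the regex is matched unanchored anywhere in the Host header, modelled here with `re.search`.

```python
import re
from ipaddress import ip_address

# Values copied from the posted configuration.
DOMAIN_BLOCK_LIST = [re.compile(r"\.facebook\.com")]  # regex domainlist1
EXEMPT_HOST = ip_address("10.10.10.10")               # deny ACE in inside_mpc
HTTP_PORT = 80                                        # "eq www"


def classified(src_ip, dst_port):
    """Model of class-map httptraffic: first matching ACE of inside_mpc wins."""
    if dst_port != HTTP_PORT:
        return False   # no ACE matches (implicit deny): never inspected
    if ip_address(src_ip) == EXEMPT_HOST:
        return False   # deny ACE: this host is exempt from inspection
    return True        # permit tcp any any eq www


def verdict(src_ip, dst_port, host_header):
    """Return 'reset' when BlockDomainsClass would match, otherwise 'pass'."""
    if not classified(src_ip, dst_port):
        return "pass"
    # Assumption: unanchored match against the Host header value.
    if host_header and any(rx.search(host_header) for rx in DOMAIN_BLOCK_LIST):
        return "reset"
    return "pass"


# Constructed sample requests: (source IP, destination port, Host header).
SAMPLES = [
    ("10.10.10.20", 80, "www.facebook.com"),   # inspected and matched
    ("10.10.10.10", 80, "www.facebook.com"),   # exempt host
    ("10.10.10.20", 80, "facebook.com"),       # no leading dot, regex misses
    ("10.10.10.20", 443, None),                # HTTPS, not selected by the ACL
    ("10.10.10.20", 80, "www.youtube.com"),    # no regex for this domain
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", verdict(*sample))
```

Only the first sample is reset: the exempt host, a bare `facebook.com` Host header, port 443 traffic and YouTube all pass with the configuration as posted.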
