12-10-2020 01:19 AM - edited 12-13-2020 10:23 PM
We want to implement a Cisco Firepower Thread Defense 1150 HA pair and are looking at the opions of adjusting the block page. The documenation is very thin about this topic. We now use a proxy server, that has limited adjustabilities of block pages as well. So we use an external block page instead, where we let the users open tickets directly via the block page itself. For this, we need some information like:
So in our block page for our barracuda web filter proxy, we just forward to the external page, giving all the important information in the URL. it looks like this:
<script type="text/javascript" language="javascript"> window.location.href = "http://proxyblock/?d=%d&l=%l&r=%r&t=%t&z=%z"; </script> Forwarding to proxy block page...
We are essentially looking for the same on the FTD. But there is no documentation on what variables are available that we can use... How have other companies solved this?
Thanks for any advice. Link to the documentation: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/http_response_pages_and_interactive_blocking.html
12-14-2020 08:21 AM
12-15-2020 01:35 AM
We didnt ask for how to forward. We already forward to our internal webserver where the blockpage ist hosted. We are looking for available VARIABLES from the firewall that gives us the reason the access has been blocked.
12-15-2020 02:57 AM
Just found a topic that has the same question 5 years ago as i have today:
Sad, that Cisco was not able to implement this feature in the last 5 years. Hopefully this will come within the next 5 years...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: