11-07-2016 12:37 AM - edited 03-10-2019 06:42 AM
Hi,
I am working with setting up a Firepower-system on a ASA5525X. I have enabled blocking of some URL-categories, this is working fine and I can see that a number of connections to forbiddel categories are stopped. But how can I drill this down and see what internal hosts are trying to access forbiddel URLs? Any standard reports or dashboards that gives this information?
Regards,
Thor-Egil
Solved! Go to Solution.
11-07-2016 07:15 AM
Hello, what do you use for configuration of FirePOWER module? ASDM or FirePOWER Management Center (FMC)? In FMC you can get detailed information about every transaction in tab Analysis -> Connection -> Events. Please, see the attach.
But first, you need to configure logging in the Access Policies.
11-07-2016 07:15 AM
Hello, what do you use for configuration of FirePOWER module? ASDM or FirePOWER Management Center (FMC)? In FMC you can get detailed information about every transaction in tab Analysis -> Connection -> Events. Please, see the attach.
But first, you need to configure logging in the Access Policies.
11-07-2016 11:34 PM
Thank you fpr your anwer, this was what I was looking for.
Br,
Thor-Egil
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide