FTP Filter Between PIX and Websense

bcook_69 · ‎06-24-2004

I am trying to get my PIX 515E running 6.3(3) to filter FTP traffic to my Websense box running 5.2. I enable the "filter FTP 21 0 0 0 0" command and all FTP traffic stops. I remove it and it flows again. I checked Websense and the protocol is allowed. I called Websense and they point to the PIX configuration. Can anyone give me an example config of a PIX that works using FTP filtering and Websense?

b.hsu · ‎06-30-2004

Well if you trying to stop for specific IP subnets try mentioning them instead of 0 0 0 0.

bcook_69 · ‎06-30-2004

Sorry, you misunderstood my question. I want all FTP traffic to be filtered via Websense hence the 0 0 0 0 statement. The problem is that it looks as if no FTP traffic is flowing from the PIX to Websense for filtering.

asalmeron · ‎07-09-2004

Here below is an excert from my pix doing exactly what you need. I have also included the http & https lines for review. The Pix & Websense had a problem with long URL's that they fixed in 6.1 or 6.2 i believe. This is the reason for the "longurl-truncate" command.

If you've ever used the PDM that might be on your pix, it is a little easier to use if you would rather use a GUI. You would just go to the configuration section, access rules tab and then the filtering rules bullet. From there right click and add your filtering action.

Btw, I am running 6.3.(3) on the PIX and 3.0(1) for the PDM.

Hope this helps.

filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 longurl-truncate

filter https 443 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0

filter ftp 21 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0