How to block access to any website which is running on different IP addresses?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2015 11:05 PM - edited 03-11-2019 11:47 PM
Hello Experts,
I want to block access to a website which is running on multiple IP addresses (changes every time) but keep the following points in account:
a) I'm using ASA 5505 and other Cisco switches
b) I don't have any content filters like Websense linked with the ASA 5505
c) I have already tried using ACL by denying the entire IP block of the target website, but that results to blocking of some legitimate websites (because the hosting company uses the same network range to host other websites too, which are essential and needful).
Please help me by giving some suggestions regarding how can I do this with ACL, if possible. I know that may be if I adopt using content filters, it will yield my desired result, but still looking for some expert opinions.
Thanks in advance.
Samrat Bose.
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2015 09:00 AM
You can do this by using URL filtering using Regex. Something like the following to drop anything in the yahoo.com domain:
regex BLOCKED_REG "yahoo\.com"
class-map type inspect http match-any BLOCKED_CLASS
match request uri regex BLOCKED_REG
policy-map type inspect http BLOCKED_POLICY
parameters
class BLOCKED_CLASS
drop-connection log
policy-map global_policy
class inspection_default
inspect http block BLOCK_POLICY
service-policy global_policy global
--
Please remember to select a correct answer and rate helpful posts
Please remember to select a correct answer and rate helpful posts
