Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1180
Views
4
Helpful
1
Replies

How to block access to any website which is running on different IP addresses?

Samrat Bose
Level 1
Level 1

‎10-25-2015 11:05 PM - edited ‎03-11-2019 11:47 PM

Hello Experts,

I want to block access to a website which is running on multiple IP addresses (changes every time) but keep the following points in account:

a) I'm using ASA 5505 and other Cisco switches

b) I don't have any content filters like Websense linked with the ASA 5505

c) I have already tried using ACL by denying the entire IP block of the target website, but that results to blocking of some legitimate websites (because the hosting company uses the same network range to host other websites too, which are essential and needful).

Please help me by giving some suggestions regarding how can I do this with ACL, if possible. I know that may be if I adopt using content filters, it will yield my desired result, but still looking for some expert opinions.

 

Thanks in advance.

 

Samrat Bose.

 

Labels:
0 Helpful
1 Reply 1

Marius Gunnerud
VIP
VIP

‎10-26-2015 09:00 AM

You can do this by using URL filtering using Regex.  Something like the following to drop anything in the yahoo.com domain:

regex BLOCKED_REG "yahoo\.com"

class-map type inspect http match-any BLOCKED_CLASS
  match request uri regex BLOCKED_REG

policy-map type inspect http BLOCKED_POLICY
  parameters
  class BLOCKED_CLASS
    drop-connection log

policy-map global_policy
  class inspection_default
    inspect http block BLOCK_POLICY

service-policy global_policy global

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card