 
					
				
		
			
    
	
		
		
		05-29-2013
	
		
		11:36 PM
	
	
	
	
	
	
	
	
	
	
	
	
	
	
 - last edited on 
    
	
		
		
		03-25-2019
	
		
		05:51 PM
	
	
	
	
	
	
	
	
	
	
	
	
	
	
 by 
		
	
	
	
			
				
		
		
			ciscomoderator
		
		
		
 
		
		
		
		
		
	
			
		
i have a running ASA5520 with limited protocols allowed but my objective now is blocking all facebook games and still allowing facebook website. anybody can help me with this??
05-29-2013 11:40 PM
Hi,
Sounds to me like something that you cant do on your ASA alone atleast.
To my understanding the new ASA CX could do this. Allow Facebook itself but still block parts of it like sharing pictures and playing games.
I am still waiting for a new ASA5515-X with ASA-CX so I can get to testing it myself.
Sadly this is naturally not something that its going to help you with your current device.
I am not totally sure what the different ASA modules and external web filtering services are able to do as I have never used them personally.
- Jouni
05-29-2013 11:42 PM
If you want to take a look at the ASA-CX more closely, here is for example site that lists the things related to Facebook it can control
- Jouni
 
					
				
		
05-29-2013 11:45 PM
my objective is to block all facebook games from my ASA5520 but not the facebook page
05-29-2013 11:48 PM
Hi,
To my understanding this would be possible with the ASA-CX.
I am not all that sure if its possible on the ASA alone. I imagine at the least you would need some web filtering solution and I am not even sure about that.
You should probably wait for someone from Cisco to answer or open a TAC Case with Cisco if you have the possibility to open one.
- Jouni
 
					
				
		
05-30-2013 03:02 AM
ow about blocking of website or domain such as apps.facebook.com because all games is going to this UR apps.facebook.com
05-30-2013 06:39 PM
You can filter by url, but it's not very scalable. I've done it with the cx, but with no cx you're pretty limited. Here's a write-up I did for url filtering.
http://www.packetpros.com/2012/08/url-filter-on-asa.html
Sent from Cisco Technical Support Android App
05-30-2013 08:54 PM
you guys are rights .
this can not achieve only with asa 5520 .
in my organization i am using Cyberoam UTM and it is pretty good.
You can even block chating and still allowing facebook websites
Regards,
Prashant
 
					
				
		
05-31-2013 10:15 PM
Yes it can be done in Cyberoam which i used before but with my new company all cisco equipment including firewall hope soon Cisco is going to have same function and easy to manage.
 
					
				
		
06-01-2013 08:21 AM
Hi Jason,
Your need is not the role of ASA 5520. For this you have to use a web filtering system.
Best regards.
 
					
				
		
06-01-2013 08:59 PM
Hi Belhadj,
yes i guess but with limited resources i will pobably check linux OS and use one pc in the office for web filtering.
 
					
				
		
06-02-2013 03:42 AM
Please remember to mark the reply as the correct answer!!
07-30-2013 02:11 AM
Hi everybody:
Somebody know any another cisco device to achive this application control, like facebook games, or other application?
I've read about a WLC or ISE, but you need an advanced licence, and this bring to me to another question
May I get this kind of advance license in a tryal mode?
I want to make a demo to show to my clients how to control this kind of activities, but I don't have an ASA CX
Any suggestion?
Thanks in advance
Al
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide