Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
596
Views
0
Helpful
1
Replies

how to block https sites with asa 5515

Shakespeare Rodas
Level 1
Level 1

‎04-01-2014 10:09 AM - edited ‎03-11-2019 09:01 PM

Hi friends, i want to block https sites and i have a cisco asa 5515-x, somebody have idea for do that?

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-01-2014 01:37 PM

The default behavior of an ASA is to allow all traffic from more secure (Inside) to less secure (Outside) interfaces. If you want to change that then add an access-list.

The problem is that most - but not all - sites use tcp/443 for https. So while a simple deny tcp/443 followed by a permit any (required because once you put and access control list entry on an interface, an implicit "deny any" is added to the end of the list) will catch most of the https, it won't catch it all.

But if that suffices for your purposes go for it.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card