HTTPS inspection on ASA with SmartFilter

alig.norbert
Level 4

Hi all,

I got an ASA5505 with URL-filtering through SmartFilter.

HTTP is working fine. HTTPS unfortunately can only be blocked on the SmartFilter with the IP address (e.g. https://70.42.13.100) and not with the domain name (e.g. https://www.cisco.com/).


On the ASA, syslog ID 304001 shows only <inside client ip> Accessed URL 70.42.13.10:https://70.42.13.10/ and this is what the SmartFilter is checking.

How can I tell the ASA to log/send the URL name to the SmartFilter?

Thanks,

Norbert

Accepted Solutions

Panos Kampanakis
Cisco Employee

The SmartFilter blocks HTTPS by doing a reverse lookup for all illegit URLs.

In other words, when it sees the IP address you are HTTPS-ing to, it checks what domain the IP address belongs to and then decides if it needs to block.

The ASA does not know the URL because the HTTP has the URL encrypted, and so it can't log it.

I hope it makes sense.

PK
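
Added example, not part of the original thread and not Cisco or SmartFilter code: a sketch of the behaviour described above, parsing 304001-style lines and showing that an HTTPS entry gives the filter only an IP address, which it must map to a domain by reverse lookup before deciding. The log lines, addresses, reverse-lookup table and block list are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample lines in the shape quoted in the question (syslog ID 304001).
SAMPLE_LOGS = [
    "%ASA-5-304001: 192.168.1.10 Accessed URL 203.0.113.10:https://203.0.113.10/",
    "%ASA-5-304001: 192.168.1.10 Accessed URL 198.51.100.7:http://www.example.com/index.html",
    "%ASA-5-304001: 192.168.1.11 Accessed URL 203.0.113.99:https://203.0.113.99/",
]

# Constructed stand-in for the filter's reverse lookup (IP -> domain); not real DNS data.
PTR_TABLE = {"203.0.113.10": "blocked.example.net"}
BLOCKED_DOMAINS = {"blocked.example.net"}  # hypothetical filter policy

LINE_RE = re.compile(
    r"304001: (?P<client>\S+) Accessed URL (?P<dest>[0-9.]+):(?P<url>\S+)"
)

def parse_304001(line):
    """Split a 304001 line into client, destination IP and URL; None if no match."""
    m = LINE_RE.search(line)
    if not m:
        return None
    host = urlsplit(m["url"]).hostname or ""
    try:
        ipaddress.ip_address(host)
        host_is_ip = True   # HTTPS case: the logged "URL" is just the destination IP
    except ValueError:
        host_is_ip = False  # HTTP case: the hostname was visible in the request
    return {"client": m["client"], "dest": m["dest"], "url": m["url"],
            "host": host, "host_is_ip": host_is_ip}

def filter_decision(event, ptr=PTR_TABLE, blocked=BLOCKED_DOMAINS):
    """Return (verdict, name): the name is logged for HTTP, reverse-looked-up for HTTPS."""
    name = ptr.get(event["dest"]) if event["host_is_ip"] else event["host"]
    if name is None:
        return ("unknown", None)  # IP with no reverse mapping: nothing to match on
    return ("block" if name in blocked else "allow", name)

if __name__ == "__main__":
    for line in SAMPLE_LOGS:
        event = parse_304001(line)
        print(event["url"], "->", filter_decision(event))
```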
