Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2088
Views
0
Helpful
3
Replies

Problem adding URL to whitelist using Regex.

abdallah malas
Level 1
Level 1

‎01-09-2014 10:43 AM - edited ‎03-11-2019 08:27 PM

Hello,
We have a Cisco 5525 ASA, and we have a Whitelist where only the agents are allowed to go to specific websites.

I am using the following commands to add a new URL to a list which was preconfigured by another IT member:

Example:

(config)# regex allowurl1 "facebook\.com"

(config)# class-map type inspect http match-all allow-url-class2

(-cmap)# match not request header host regex allowurl1

(-cmap)#end

#wr mem

the following commands added the new URL to the whitelist, but the other websites stopped working.

We were trying to fix the problem, and the firewall crashed on us !

After the restart all the websites went back working fine, and all the added websites are working fine as well !

I heard from other IT workers I know, that this is a bug in 5525 ASA, and to avoid it i need to take service policy off then re-enable it when am done.

I need to add other websites to our network, I would like to know if any one had  a similar situation, and the way i can avoid it.

Thanks in advance for your help.

Best Regards.

Labels:
0 Helpful
3 Replies 3

m.kafka
Level 4
Level 4

‎01-11-2014 05:31 AM

The simlest solution to match against several regex might be to use a regex-class with a match any.

In your http class-map you then use regex-class instead of regex.

Here is a brief decription:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/mpf.html#wp1104509

0 Helpful

abdallah malas
Level 1
Level 1
In response to m.kafka

‎01-11-2014 08:07 AM

Thanks for the reply,
I read the article you sent, but I do not have the permission to change the Firewall configuration. They were made by a Cisco CCIE Engineer, am only allowed to modify (add websites)... on my other locations am using Kaspersky to Block URL and its User friendly and easy to change and modify.

But for this location am stuck with the Firewall URL allowed LIST ... I made the changes last time and they worked but after the Firewall crashed ! and required a manual restart. I want to see how I can do the changes again but avoid the crashing part. Is it related to service policy ?

0 Helpful

m.kafka
Level 4
Level 4
In response to abdallah malas

‎01-11-2014 04:28 PM

Why do you ask us if you can't change anything?

Wondering,

MiKa

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card