Re: Problem with URL filtering ASA5516 with firepower services

rayala00111 · ‎04-30-2018

Hello everyone, I have a problem with my ASA5516, it does not filter the communications via URL FILTERING, in the logs I can see only the default policy (trust all traffic), I have the license URL FILTERING enabled, and the access policy enabled, I do not have FMC, the policy is well configured to redirect traffic to the sfr module, any idea what may be happening? , I can not connect to service.brightcloud.com from the srf console, I have the dns configured, it does not filter manually created objects.

Thank you very much

Marvin Rhoads · ‎05-02-2018

You need to (at a minimum) monitor URLs in your ACP. Can you share a screenshot of your Access Control Policy in which you have configured URL monitoring or filtering?

rayala00111 · ‎05-04-2018

Hi Marvin

the problem was that there was no communication between the IP address of the SFR module and the internet, at this moment it is communicating with the internet through the internal network and it is already filtering but I would like it to go online through the same FW.

Marvin Rhoads · ‎05-09-2018

Please dont post your messages in code text boxes. It makes them very difficult to read.

Your URL lookups always need to go out from the sfr module. That module can use the same firewall as a gateway but you cannot use the firewall's external (or internal) address as the source IP.