09-26-2011 05:37 AM - edited 03-11-2019 02:29 PM
Hi,
How do I block this url in a ASA with http inspection?
When I use this expression it does not work: www\.123\.com\/login\/login\.asp
thx,
Marc
09-26-2011 10:18 AM
Pls. see the sample that I listed here for facebook.com
https://supportforums.cisco.com/docs/DOC-1268#Same_domain_allowdeny
-KS
09-26-2011 11:02 AM
I saw your article, but you use "match request header host regex" So it only blocks for example www.123.com but not www.123.com/login/login.asp.
If I use the / in the regex it does not work anymore even if I config it as www\.123\.com\/login\/login\.asp
Any other suggestions?
Regards,
Marc
09-26-2011 05:48 PM
Marc,
Would you pls. try the "uri" option listed here?
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2034126
I will test and post the lines when I get a moment.
-KS
09-27-2011 01:37 AM
Hi,
I looked at the article is this for SIP headers? When I change the config from host to uri it still will not work.
Regards,
Marc
09-27-2011 01:51 AM
Hi,
I found this in the forum (which means that I cannot block whole websites because I have to create them from the host en uri values. If I want to block both websites: www.cisco.com/support/firewall.html and www.googledocs.com/docs/3456/doc.html how do I solve this?):
_________________________________________________________________________________________________
A URL is composed by four parts:
URI identifies a resource, while URL in addition, specifies the access method (network location) like having http//: or ftp:// and then the IP address like http://10.20.30.40
URN is name given to the URL.
Here our scope is the URI and host.
As I said host is found in HTTP header
For http://10.20.30.40/services , the host is "10.20.30.40" and uri is "services"
For http://www.cisco.com/web/about/index.html , the host is "www.cisco.com" and uri is "/web/about/index.html"
You can check it out using wireshark.
_________________________________________________________________________________________________
Regards,
Marc
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide