11-19-2013 05:45 AM - edited 03-11-2019 08:06 PM
Hello,
can any 1 tell me how to block url like facebook.com or gmail.com through asa
I have cisco ASASM2 which is running on ver 8.5
How can i block those url with ASASM.
Thanks in advance
Khem
11-19-2013 08:13 AM
Looking at the command reference of the ASASM it does not seem as if it supports regex filtering it only does it with Websense and N2H2
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration85/guide/access_filter.html
11-19-2013 08:23 AM
Hello
under
under
Configuring Application Inspection
Configuring Inspection of Basic Internet Protocols
just above of "ICMP Inspection" you will find the following example
hostname(config)# regex url1 "www\.xyz.com/.*\.asp"
hostname(config)# regex url2 "www\.xyz[0-9][0-9]\.com"
hostname(config)# regex get "GET"
hostname(config)# regex put "PUT"
hostname(config)# class-map type regex match-any url_to_log
hostname(config-cmap)# match regex url1
hostname(config-cmap)# match regex url2
hostname(config-cmap)# exit
hostname(config)# class-map type regex match-any methods_to_log
hostname(config-cmap)# match regex get
hostname(config-cmap)# match regex put
hostname(config-cmap)# exit
hostname(config)# class-map type inspect http http_url_policy
hostname(config-cmap)# match request uri regex class url_to_log
hostname(config-cmap)# match request method regex class methods_to_log
hostname(config-cmap)# exit
hostname(config)# policy-map type inspect http http_policy
hostname(config-pmap)# class http_url_policy
hostname(config-pmap-c)# log
Perhaps, it can provide you an idea, in order to modify in a suitable way for you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide