URL Filtering not working on ASA Firepower 5506-X

Hi everyone, first of all I'm very new to Cisco firewalls, so I may have made big mistakes in my configuration. I'm trying to configure a Firepower ASA 5506-X to use URL Filtering to block access to some websites.

Everything goes well, I followed the explanation on the Cisco website:

- I updated my ASA and ASDM

- I created a service policy rule (match any) to redirect the traffic to the Firepower

- I created a new rule

- Saved everything and deployed

But nothing happens. I can still access everything I tried to block. I also noticed in ASA Firepower Reporting that nothing moves, as if I didn't redirect the traffic. A little help would be appreciated, thanks.

1 ACCEPTED SOLUTION


Hi again, I discovered an odd thing. In the monitoring of the ASA Firepower, it shows the connection to YouTube.com as blocked as I wanted, but in fact I can still navigate. After some testing I noticed that it seems to work on Edge but not in Chrome.

EDIT: The problem is solved. Just wanted to share it in case somebody needs it. The configuration was fine, but I was only testing with Chrome and YouTube as the URL. There is a known issue I found in the Cisco Bug Search Tool, and there is a workaround for Chrome and YouTube by disabling QUIC.

Thanks everybody.

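QUIC runs over UDP (normally port 443) rather than TCP, so whether a client is still using it can be checked from captured UDP payloads. The following is an added example, not part of the original thread and not Cisco code: it recognises QUIC long-header packets using the RFC 8999/9000 header layout. The flow-record field names and the sample packets are constructed for illustration.

```python
import struct

QUIC_V1 = 0x00000001
LONG_TYPES = ("initial", "0-rtt", "handshake", "retry")  # RFC 9000 section 17.2

def parse_quic_long_header(payload: bytes):
    """Return version/type/connection IDs if payload starts with a QUIC long
    header (RFC 8999 invariants), else None. Short-header packets cannot be
    identified without connection state, so they also return None."""
    if len(payload) < 7 or not payload[0] & 0x80:
        return None
    version = struct.unpack_from("!I", payload, 1)[0]
    dcid_len = payload[5]
    scid_off = 6 + dcid_len
    if len(payload) <= scid_off:
        return None
    scid_len = payload[scid_off]
    end = scid_off + 1 + scid_len
    if len(payload) < end:
        return None
    if version == 0:
        kind = "version-negotiation"
    elif version == QUIC_V1:
        # v1 limits connection IDs to 20 bytes and sets the fixed bit (0x40)
        if dcid_len > 20 or scid_len > 20 or not payload[0] & 0x40:
            return None
        kind = LONG_TYPES[(payload[0] >> 4) & 0x3]
    else:
        kind = "other-version"
    return {"version": version, "type": kind,
            "dcid": payload[6:scid_off].hex(),
            "scid": payload[scid_off + 1:end].hex()}

def clients_using_quic(flows, port=443):
    """Source IPs that sent a QUIC long-header packet to the given UDP port."""
    return {f["src"] for f in flows
            if f["proto"] == "udp" and f["dport"] == port
            and parse_quic_long_header(f["payload"])}

# Constructed sample records (not real traffic); field names are assumptions.
INITIAL = (bytes([0xC3]) + struct.pack("!I", QUIC_V1) + b"\x08"
           + bytes(range(8)) + b"\x00" + b"\x00" * 20)
DTLS = bytes.fromhex("16fefd0000000000000000") + b"\x00" * 20
DNS_QUERY = b"\x12\x34\x01\x00" + b"\x00" * 8
SAMPLE_FLOWS = [
    {"src": "10.0.0.5", "proto": "udp", "dport": 443, "payload": INITIAL},
    {"src": "10.0.0.6", "proto": "udp", "dport": 443, "payload": DTLS},
    {"src": "10.0.0.7", "proto": "udp", "dport": 53, "payload": DNS_QUERY},
    {"src": "10.0.0.8", "proto": "tcp", "dport": 443, "payload": b""},
]
```

A client that still appears in the result of `clients_using_quic` after QUIC has been disabled in its browser is not yet using the workaround.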

4 REPLIES
Hall of Fame Guru

In your Rules.JPG attachment it shows the box for "Enable ASA Firepower for this traffic flow" as unchecked. It needs to be checked.

Engager

Hi, Marvin is correct. You'll need to redirect traffic to the FP module for inspection. See helpful link:

http://wannabecybersecurity.blogspot.com/2019/01/cisco-asa-firepower-traffic-redirection.html

I would also suggest adding a topmost rule (rule #1) to allow DNS. See helpful link:

http://wannabecybersecurity.blogspot.com/2019/02/configuring-cisco-firepower-access.html


Hi, thank you for the answer. I have tried and still no luck. I took the screenshot while I was creating the rule, and I did it too quickly. I will try your suggestions right now. Thanks.