
URL on Cisco FirePower

KEOPUTMANO
Level 1

I just built a Cisco ASA with FirePower as an Internet gateway with full features. I would like to filter some URLs like Porn, Social Media, Streaming Media... However, it's not working as expected. There are some issues, like:

- I configured a URL filter with the category 'Adult and Pornography'. Then I tried to open some porn website such as https://xnxx.com and it was working. I monitored with Event Connection and it was allowed because this URL wasn't in 'Adult and Pornography'; it's in an unknown category. I thought the issue was related to the URL filtering DB. However, CSI is up to date.

- I'm not sure why YouTube is still working properly. I thought it may need some technique to filter.

 


Marvin Rhoads
Hall of Fame

That's odd. Cisco's FirePOWER products use Brightcloud's category and reputation service and that site definitely shows up as adult and pornography:

http://www.brightcloud.com/tools/url-ip-lookup.php

Can you share a screenshot of your relevant Access Control Policy rule and confirm that it has been successfully deployed?

I will take a screenshot and let you see the Rule Configuration and the Connect Event showing which URL traffic proceeded.

Oliver Kaiser
Level 7

What ASA model are you using?

What version of FMC & Firepower module are you using?

I'm using Cisco Firepower 6.2.0 on a Cisco ASA and I manage it with ASDM. Do you have any experience blocking YouTube? I have tried to block by category "Streaming Media" but it wasn't successful.

Thanks,

Mano

If you need to block YouTube then you need SSL encap/decap, because if a client types https://youtube.com then FP cannot block this connection unless you have SSL decap on the box.

Please do not forget to rate.

subbu1987
Level 1

It looks like nobody has an answer to the weird behaviour of FP (FMC 6.2.2). We have been struggling for one month and even Cisco TAC doesn't have an answer yet.

I had the same issue; after spending countless hours I found the issue. I am using a 5506-X with URL, MAL, IPS lic on FMC.

When you define a rule in the ACP, make sure you leave "any" for your security zone and "any" for the interface; I have attached the photo. Once done, test it and it will work. I am using 6.2 and it's blocking the adult and dirty websites.

Capture.PNG

 

Please do not forget to rate.