10-18-2002 05:46 AM - edited 02-20-2020 10:18 PM
I have a Websense server that I plugged into one of the spare Ethernet interfaces on my PIX 515.
I called the Ethernet interface DMZ2 and gave it the IP address of 192.168.1.1.
I gave the Websense server the IP address of 192.168.1.2.
What do I need to do to allow the PIX and Websense server to communicate and manage/report the web traffic from my network?
Thanks.
10-18-2002 06:03 AM
I don't know how Websense works; does it sniff the traffic like an IDS does?
To allow the Websense server to reach your network, and supposing that the network is connected to the inside interface,
2 ways are available to achieve this:
NAT the inside network (with or without translation) and allow the access in the dmz2 interface.
sample: (local net 10.0.0/24)
access-list 10 permit ip 10.0.0.0 255.255.255.0 any
nat (inside) 0 access-list 10
access-list DMZ2
10-18-2002 07:39 PM
You need to use the 'url-server' command to define the websense server and the 'filter url' command to define what traffic to watch. It would look something like:
url-server (dmz2) vendor websense host 192.168.1.2 timeout 5 protocol TCP version 4
filter url http 0 0 0 0 allow
Check the docs for more details.
Greg
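An added example, not part of the reply above or of any Cisco tooling: a small Python check over a saved PIX configuration that confirms the `url-server` interface is defined and flags the `allow` keyword on `filter url`, which lets web traffic pass unfiltered when the filtering server does not respond. The `nameif` and `ip address` lines in the sample, including the interface numbers, security levels and netmask, are constructed assumptions about the original poster's setup.

```python
import re

# Constructed sample: the nameif/ip address lines are assumed, the last two
# lines are the commands quoted in the reply above.
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet3 dmz2 security40
ip address dmz2 192.168.1.1 255.255.255.0
url-server (dmz2) vendor websense host 192.168.1.2 timeout 5 protocol TCP version 4
filter url http 0 0 0 0 allow
"""

NAMEIF = re.compile(r"^nameif\s+\S+\s+(\S+)\s+security\d+$", re.I)
URL_SERVER = re.compile(r"^url-server\s+\(([^)]+)\)\s+vendor\s+\S+\s+host\s+(\S+)", re.I)
FILTER_URL = re.compile(r"^filter\s+url\s+(\S+)\s+(.+)$", re.I)


def audit(config):
    """Return findings about the URL-filtering lines of a PIX configuration."""
    interfaces, servers, filters, findings = set(), [], [], []
    for line in map(str.strip, config.splitlines()):
        if m := NAMEIF.match(line):
            interfaces.add(m.group(1).lower())
        elif m := URL_SERVER.match(line):
            servers.append((m.group(1).lower(), m.group(2)))
        elif m := FILTER_URL.match(line):
            filters.append((m.group(1).lower(), m.group(2).lower().split()))
    if not servers:
        findings.append("no url-server defined")
    for ifc, host in servers:
        if ifc not in interfaces:
            findings.append(f"url-server {host}: interface '{ifc}' has no nameif")
    # 'filter url except ...' lines only exempt hosts, so they do not count as rules.
    rules = [(port, args) for port, args in filters if port != "except"]
    if not rules:
        findings.append("no filter url rule, so nothing is sent to the url-server")
    for port, args in rules:
        if "allow" in args:
            findings.append(f"filter url {port}: 'allow' passes traffic unfiltered "
                            "while the url-server is unreachable (fail-open)")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

Without `allow`, the PIX stops outbound web traffic while the Websense server is offline, so the keyword is a choice between availability and enforcement.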
11-02-2002 07:50 AM
I am also using Websense with the Cisco PIX integration. Do you know how to address HTTPS traffic?
If users try to access secure sites they receive a message indicating that authentication is required. For now we have been adding statements in the PIX config to exclude authentication to the specified host. This doesn't seem to me to be the right solution or a good short term solution. Do you have any input on this?