Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
373
Views
8
Helpful
1
Replies

White List

Kevin Melton
Level 2
Level 2

‎11-25-2008 10:51 AM - edited ‎03-12-2019 05:58 PM

I want to configure a couple of workstations on our network so that they can get only to URL's for Symantec, and then to a specific Web Server that we host that is public.

Short of configuring our ASA 5510 to use WebSense (which is pending), is there any other quick way to implement this control on the ASA for these two specific workstations?

Labels:
0 Helpful
1 Reply 1

jpoplawski
Level 1
Level 1

‎11-25-2008 12:52 PM

I've done this previously, but it's not pretty. Here's what I would do:

1) Setup an Outbound ACL

access-list Outbound-ACL permit ip host (workstation 1) host (Symantec1)

access-list Outbound-ACL permit ip host (workstation 1) host (Symantec2)

access-list Outbound-ACL permit ip host (workstation 1) host (Outside WebServer)

access-list Outbound-ACL deny ip host (workstation 1) any

*** Mirror this for Workstation 2, etc)

access-list Outbound-ACL permit ip any any

2) Apply the ACL to your inside interface

access-group Outbound-ACL in inter inside

It can be a hassle, but it works. I've also done blacklisting (not sure if this fits your environment) and the reference document is here.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml

Hope this helps, rate if it does,

JB

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card