Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1046
Views
0
Helpful
2
Replies

Access List

reginaldjohnson
Level 1
Level 1

‎05-25-2020 06:24 PM

I would like to create a Class Map Policy that will allow URL traffic. The ACL extended do not filter URL traffic, only IP address traffic. This class-map policy can do URL filter but I am finding instruction on how to drop traffic but not allow URL traffic. I need instructions on how to allow URL traffic using class-map policies.  

Labels:
0 Helpful
2 Replies 2

reginaldjohnson
Level 1
Level 1

‎05-25-2020 06:27 PM

Forgot to mention the model: Cisco 2811
0 Helpful

reginaldjohnson
Level 1
Level 1
In response to reginaldjohnson

‎05-25-2020 08:15 PM

I might have resolved my own problem. I was using drop instead on pass on the class-map policy. 

 

class-map type inspect match-any allow
match protocol icmp
!
policy-map type inspect allow-policy
class type inspect allow
pass


zone security INSIDE
zone security OUTSIDE
zone-pair security OUTSIDE_TO_INSIDE source INSIDE destination OUTSIDE
service-policy type inspect allow-policy
!
!
interface FastEthernet0/0
description INSIDE
ip address 172.25.1.254 255.255.255.0
zone-member security INSIDE
duplex auto
speed auto
!
interface FastEthernet0/1
description OUTSIDE
ip address 192.168.87.254 255.255.255.0
zone-member security OUTSIDE
duplex auto
speed auto

0 Helpful
Customers Also Viewed These Support Documents