Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
490
Views
0
Helpful
1
Replies

IOS urlfilter blocking extra things?

thomasdzubin
Level 1
Level 1

‎04-23-2009 12:00 PM - edited ‎03-09-2019 10:14 PM

I have a Cisco 871 router a client site that I'm using for Internet access and they wanted various sites blocked, so I set up "ip urlfilter":

ip urlfilter source-interface Vlan1

ip urlfilter allow-mode on

ip urlfilter exclusive-domain deny .youtube.com

ip urlfilter exclusive-domain deny .facebook.com

ip urlfilter exclusive-domain deny .limewire.com

ip urlfilter exclusive-domain deny .friendster.com

ip urlfilter exclusive-domain deny .kazaa.com

ip urlfilter exclusive-domain deny .kazaa-lite.com

And it seems to work OK, however "extra" things (with URLs that aren't even in the list) are starting to get blocked and I don't know why.

Here's the output from "show ip urlfilter cache"...

Maximum number of cache entries: 5000

Number of entries cached: 13

--------------------------------------------------------

IP address Age Time since last hit

(In seconds) (In seconds)

--------------------------------------------------------

208.117.236.70 7087 2548

208.117.236.69 19181 4531

208.117.236.75 2190 757

69.63.184.142 12187 12187

69.63.186.12 12660 12489

208.65.153.238 13591 1360

208.65.153.253 18768 64

74.125.53.118 19943 262

208.117.236.74 9821 3710

208.117.236.76 8435 2029

69.63.180.19 12220 12212

66.18.235.247 697 13

74.125.127.118 15427 696

#

IPs, like the last one, 74.125.127.118, which reverse-resolves to "pz-in-f118.google.com" shouldn't be in there should they?

Has anyone seen this strange behaviour before?

Labels:
0 Helpful
1 Reply 1

vmoopeung
Level 5
Level 5

‎04-29-2009 12:45 PM

In order to use the url filter, this requires a 3rd party server that does the url filtering. The two servers would be either N2H2 or Websense. Without the servers, the url filtering can't be done.

The system will go into allow mode when connections to all vendor servers (Websense or N2H2) are down. The system will return to normal mode when a connection to at least one web vendor server is up. Allow mode directs your system to forward or drop all packets on the basis of the configurable allow mode setting: if allow mode is on and the vendor servers are down, the HTTP requests will be allowed to pass; if allow mode is off and the vendor servers are down, the HTTP requests will be forbidden.

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftwebsen.html

0 Helpful
Customers Also Viewed These Support Documents