Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
1
Replies

Blocking https sites such as youtube with policy map

chandogetrude
Level 1
Level 1

‎04-09-2020 04:29 AM

Hi everybody,

Please can someone help me with this?

I wanted to block users in my company network from visiting social networking sites like  youtube etc, I used the configuration below but it not working.

 

class-map match-any YOUTUBE-URL-FILTER
match protocol http host "*.youtube.com*"


Policy Map youtube
Class YOUTUBE-URL-FILTER
drop

 

int xxxx
ip nbar protocol-discovery
service-policy output youtube

Labels:
0 Helpful
1 Reply 1

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎04-09-2020 08:13 AM

You're sure egress on that interface would have the URL?

I don't recall if NBAR HTTP also matches HTTPS, but as youtube now seems to use the latter, if NBAR doesn't, that could explain your protocol match failure.

BTW, don't believe you need to enable NBAR protocol discovery to use NBAR as you're doing.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card