06-17-2011 01:44 AM
Hello, I bought a router model RV200W fw 1.0.1.0... nice toy.
It all works very well with the exception of content filtering. The rule only works if connections are made with the HTTP protocol, but if the user connects with HTTPS, then the rule is not considered... (???)
f.e.:
http://facebook.com (content filtered)
https://facebook.com (content NOT filtered)...
What the hell ! where I'm wrong ?
Does anyone is experiencing the same ?
06-18-2011 03:32 PM
URL filtering on the Small Business routers only works with http traffic. This is a common limitation due to the limited processing power of the CPUs used on these products.
06-19-2011 01:02 AM
I do not understand - filter URL (identify text value and find the matching value in predefined filter set) "https://facebook.com" consumes more CPU power than "http://facebook.com"?
EDIT: It´s clear that content filtering cannot work over an encrypted layer ...
06-19-2011 01:57 AM
absolutely incredible...
06-20-2011 12:56 AM
HTTPS traffics URL filtering are not supported by Small business routers.
06-20-2011 01:46 AM
Yes, the correct title was "URL FILTERING NOT WORKING"...thanks abudef000
I do not want be polemical, but I do not understand where I went wrong.
Before I buy I looked @
http://www.cisco.com/en/US/prod/collateral/routers/ps9923/ps11025/data_sheet_c78-630461.html
Check it out.
Could you assume that HTTPS URLs are not in the sentence "Static URL blocking, keyword blocking, approved URL" as stated in the product sheet ?
06-20-2011 11:31 AM
Please consider the ASA 5500 Series Adaptive Secuirty Aplliances if you're seeking this functionality. See:
http://www.cisco.com/en/US/products/ps6120/index.html.
Thanks,
Stephanie Reaves
Cisco Small Business
06-20-2011 03:47 PM
Stefano,
try to use firewall rules for the most critical webs. You have to search many IPs, but it´s the only way with Cisco SB Router. You can block either target IP address or IP address range.
EDIT: Other way is combine URL filtering and generally block HTTPS (port 443) by firewall rule. You can allow concrete https sites by another firewall rules (be careful of rules sequence).
Why we buy Cisco Small Business Router when we can buy far more expensive Cisco Enterprise devices to our Home Offices ;-)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide