Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3368
Views
0
Helpful
7
Replies

RV220W - Content filtering not working (?)

z584532697
Level 1
Level 1

‎06-17-2011 01:44 AM

Hello, I bought a router model RV200W fw 1.0.1.0... nice toy.

It all works very well with the exception of content filtering. The rule only works if connections are made with the HTTP protocol, but if the user connects with HTTPS, then the rule is not considered... (???)

f.e.:

http://facebook.com (content filtered)

https://facebook.com (content NOT filtered)...

What the hell ! where I'm wrong ?

Does anyone is experiencing the same ?

Labels:
0 Helpful
7 Replies 7

Te-Kai Liu
Level 7
Level 7

‎06-18-2011 03:32 PM

URL filtering on the Small Business routers only works with http traffic. This is a common limitation due to the limited processing power of the CPUs used on these products.

0 Helpful

abudef000
Level 1
Level 1
In response to Te-Kai Liu

‎06-19-2011 01:02 AM

I do not understand - filter URL (identify text value and find the matching value in predefined filter set) "https://facebook.com" consumes more CPU power than "http://facebook.com"?

EDIT: It´s clear that content filtering cannot work over an encrypted layer ...

0 Helpful

z584532697
Level 1
Level 1

‎06-19-2011 01:57 AM

absolutely incredible...

0 Helpful

V K Moorthy
Level 1
Level 1

‎06-20-2011 12:56 AM

HTTPS traffics URL filtering are not supported by Small business routers. 

0 Helpful

z584532697
Level 1
Level 1

‎06-20-2011 01:46 AM

Yes, the correct title was "URL FILTERING NOT WORKING"...thanks abudef000

I do not want be polemical, but I do not understand where I went wrong.

Before I buy I looked @

http://www.cisco.com/en/US/prod/collateral/routers/ps9923/ps11025/data_sheet_c78-630461.html

Check it out.

Could you assume that HTTPS URLs are not in the sentence "Static URL blocking, keyword blocking, approved URL" as stated in the product sheet ?

0 Helpful

streaves
Cisco Employee
Cisco Employee
In response to z584532697

‎06-20-2011 11:31 AM

Please consider the ASA 5500 Series Adaptive Secuirty Aplliances if you're seeking this functionality. See:

http://www.cisco.com/en/US/products/ps6120/index.html.

Thanks,

Stephanie Reaves

Cisco Small Business

0 Helpful

abudef000
Level 1
Level 1
In response to z584532697

‎06-20-2011 03:47 PM

Stefano,

try to use firewall rules for the most critical webs. You have to search many IPs, but it´s the only way with Cisco SB Router. You can block either target IP address or IP address range.

EDIT: Other way is combine URL filtering and generally block HTTPS (port 443) by firewall rule. You can allow concrete https sites by another firewall rules (be careful of rules sequence).

Why we buy Cisco Small Business Router when we can buy far more expensive Cisco Enterprise devices to our Home Offices ;-)

Preview file
56 KB
0 Helpful
Customers Also Viewed These Support Documents