The Cisco Ironport WSA's specifically use Regular Expressions Flex.
First off, the WSA will only manipulate HTTP. So if the sites in question are indeed in HTTPS, you will need to make sure it gets Decrypted in a Decryption Policy. This can get tricky depending on how you are deployed. I will assume WCCP since that seems to be the most common to me. In a Transparent deployment, the WSA will not know the URL that the client is trying access until it is decrypted. To force a decryption for that specific site(s), you will need to get the Common Name of the SSL Server Certificate. There are many ways to get it, but if you have access to OpenSSL, you can use the following command:
This will complete the SSL handshake and you should see the CN some where in the text message. In your example above, I want to guess that the CN could be *.learning.com. You will need to place learning.com, and .learning.com into a Custom URL Category, and force the traffic to be Decrypted.
How many sites are we referring to? You won't be able to make a RegEx that will catch server32.learning.com/12345, and have the WSA automatically detect 12345, and redirect it to teaching.com/12345. Each one will need to have its own regular expression. So in your example above, this is what I'd do:
In the Access Policies, have the RegEx server32.learning.com/298555, and Redirect it to server32.teaching.com/298555. Depending on how many you need to do, you're going to need 1 single URL category for each. Excessive URL categories are known to cause performance problems.
Are you trying to have 1 single RegEx do the job? If so, the destination (redirected) URL will not have any correlation with the URL being accessed. The WSA does not have the ability to pull information out of the original URL, and append it to a destined redirection. Was this what you are trying to do?
This issue can get quite sticky. I'd recommend you open a TAC case and speak to an engineer regarding your intentions.
i have an ip that is part of our internal network, i configured route map on the core to redirect the traffic to the firewall for further inspection.i checked the firewall logs i can see the traffic is redirect to the firewall successfully. i could ping o...
Hi, 1)May I know wht it means when context visibility Status showing 'disconnected" and '(blank)'?Difference between 'disconnected" and '(blank)'. Since both devices also not connected.I found tht these devices are no longer connected to the swi...
Hi ,I would like to configure multiple public ip (same subnet) on outside interface of ASA.I want to use static NAT for specific purpose.For example i have 8 public IP and I want to use 1 is internet ,1 for VPN ,1 for DMZ server and all ip want to a...
Hi all, Is it a way to retrieve the IPS policies from our IPS Appliance or censor? I have tried to look for a way but I am not able to do so. May I knwo any way can retrieve the policies from the Appliance either from the Appliance itself o...
Hello,I configured very easy the SSL in RV345 Vpn router, according this doc: https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5519-configure-secure-sockets-layer-virtual-private-network-ssl-v.htmlI tri...