ASA 5505 and non-local Smart Filter

Unanswered Question
Jun 13th, 2007
User Badges:

Greetings.


We have a site where there are several remote buildings that connect through a VPN to the main office at that location, and the main office then connects to our larger WAN.


We split the tunnels at these remote locations so surfing and whatnot uses local bandwidth.


We want to filter the web surfing at these locations, and have a web filter set up at the main office for that site, but the ASA's are not able to connect to the URL filter on the other end of the VPN tunnel.


Is what we're trying to do a supported configuration?


We could set it up so the outside IP of the ASA's has access to the internal URL filter, but we're using transparent authentication and I'm concerned about passing user credentials through an non-secured connection.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Wed, 06/20/2007 - 11:56
User Badges:

The PIX firewall can be configured to communicate with a Websense server to restrict outbound HTTP traffic (FTP and HTTPS in 6.3). The Websense server's essential responsibility is to create and enforce a set of policies to allow or deny access to specific URLs

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00801e4197.shtml

Actions

This Discussion