Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
322
Views
9
Helpful
2
Replies

URL filtering

Lavanholy
Level 1
Level 1

‎06-27-2007 10:26 PM - edited ‎03-11-2019 03:36 AM

Hi,

I have PIX 515E implemented in my network,there 200 lan users are there ,out of them 10 users are SAP users,they used to access the SAPserver.com site very frequently,I want to allow them to access only the SAPservers.com,I do not want to allow them to access the other web sites other than SAPservers.Can I do it with PIX515E.Please help me how to do it.

Thanks and Regards,

S.Venkataraman.

Labels:
0 Helpful
2 Replies 2

srue
Level 7
Level 7

‎06-28-2007 04:17 AM

You can do true URL filtering using N2H2 or websense products. If you don't want to invest in a 3rd party product, you will have to look up the IP addresses of the hosts that you want to allow them access to and custom create ACL's. You could also use nbar with a policy-map/class-map if you have an IOS router somewhere in the path of data.

rochopra
Cisco Employee
Cisco Employee

‎06-28-2007 04:21 AM

Hi,

This can be achieved if you do authentication of pass through http traffic through RADIUS (ACS)

aaa authentication include http inside RADIUS

After authentication from radius on per user basis you can download ACL (from radius dynamically) which can allow or deny a traffic for user.

Following link can give you more information on pass through authentication:

http://cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7e3.html#wp634934

Following link can give you more information on downloading ACL's through Radius:

http://cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd914.html

Hope this helps.

Regards

Rohit

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card