Hi, I want to block internet usage for inside users except for a few websites. Please advise.
The QA testing team tests an application by connecting to remote servers that are reached over an STS tunnel. I have opened the IP protocol between both sites, and they test the application, which uses port 80. So whatever rule we make for inside users must not block that traffic.
You can block and filter at the application layer through MPF, as with rate limiting,
but this is going to be a bit more complicated, as you have to write some regular expressions and more class-maps.
I will guide you through it below:
First, you want to allow only the specified websites; any other website will be blocked.
Let's say you are going to allow youtube.com and yahoo.com, and any other website should be blocked.
First, create regular expressions to match those URLs:
! These are unanchored substring matches: any Host header that merely contains
! ".yahoo.com" or ".youtube.com" anywhere in it will match.
regex URLLIST1 "\.yahoo\.com"
regex URLLIST2 "\.youtube\.com"
Then create an ACL matching web traffic, and a class-map that references it:
! Port operators (eq) are only valid with tcp/udp, not with ip.
! The Host header is encrypted inside HTTPS, so HTTP inspection cannot see it on port 443.
! To leave the QA team's port-80 traffic to the remote site alone, put a deny line for
! that destination network ahead of these permits so it never enters the class.
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq https
access-list 101 permit tcp any any eq 8080
class-map webtraffic
 match access-list 101
Create a class-map for the regexes created above (URLLIST):
class-map type regex match-any allowed-sites
 match regex URLLIST1
 match regex URLLIST2
Now create an inspection class-map for web traffic matched with the class above:
class-map type inspect http match-all blocking-urls
 match not request header host regex class allowed-sites
Notice there is a "not" in the command here; this means match anything except the URLs we matched above.
So we are excluding the matched URLs, and below we are going to make a policy in which the action we take is drop.
Create the HTTP inspection policy:
policy-map type inspect http block_URLS
 parameters
 class blocking-urls
  drop-connection log
Now, if you look above, we created ACL 101, which matches web traffic, and matched it with a class-map called webtraffic.
Now we are going to apply the above HTTP inspection policy to that traffic:
policy-map inside-policy
 class webtraffic
  inspect http block_URLS
Now apply it to your inside interface:
service-policy inside-policy interface inside
Please rate if helpful.
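A check worth running before deploying the allow-list above. The regexes as posted are unanchored substring matches, so a Host header such as www.yahoo.com.attacker.example or cdn.youtube.company also matches and is allowed through, while a bare yahoo.com (no leading dot) is dropped. The script below is an added example, not part of the original thread or of Cisco's code: it emulates the "match not request header host regex class" decision in Python against a constructed set of Host headers, once with the posted patterns and once with anchored alternatives. It assumes the ASA regex engine treats `^`, `$`, grouping, `?` and `[0-9]+` the same way Python's `re` does, and that the match is a substring search; confirm on the box with `test regex <text> <regex>` before relying on it.

```python
import re

# Regexes exactly as posted in the answer above (unanchored substring matches).
POSTED_ALLOWED = [r"\.yahoo\.com", r"\.youtube\.com"]

# Anchored alternatives (added here; assumption: same syntax works on the ASA).
# Accept the bare domain or any subdomain, with an optional ":port" suffix,
# because the ACL also matches 8080 and the Host header then carries ":8080".
ANCHORED_ALLOWED = [
    r"^(.*\.)?yahoo\.com(:[0-9]+)?$",
    r"^(.*\.)?youtube\.com(:[0-9]+)?$",
]


def host_allowed(host, patterns):
    """Emulate the allow-list decision.

    The class-map says "match NOT host regex class allowed-sites" and the policy
    drops what matches, so a request survives only if at least one regex hits.
    re.search (not fullmatch) models the ASA's substring-style regex match
    (assumption noted in the lead-in).
    """
    return any(re.search(p, host) for p in patterns)


def classify(hosts, patterns):
    """Return {host: 'allow' | 'drop'} for every Host header in hosts."""
    return {h: ("allow" if host_allowed(h, patterns) else "drop") for h in hosts}


def bypasses(hosts, patterns, legit_domains):
    """Hosts the patterns allow although they are not the intended domains.

    A host is legitimate only if it equals a listed domain or ends in "." + domain,
    ignoring any trailing ":port".
    """
    def is_legit(host):
        bare = host.split(":", 1)[0]
        return any(bare == d or bare.endswith("." + d) for d in legit_domains)

    return sorted(h for h in hosts if host_allowed(h, patterns) and not is_legit(h))


# Constructed sample Host headers (not taken from the original thread).
SAMPLE_HOSTS = [
    "www.yahoo.com",
    "yahoo.com",
    "www.yahoo.com:8080",
    "www.yahoo.com.attacker.example",
    "cdn.youtube.company",
    "example.org",
]

LEGIT_DOMAINS = ["yahoo.com", "youtube.com"]

if __name__ == "__main__":
    for label, patterns in (("posted", POSTED_ALLOWED), ("anchored", ANCHORED_ALLOWED)):
        print(f"--- {label} patterns ---")
        for host, verdict in classify(SAMPLE_HOSTS, patterns).items():
            print(f"{verdict:5s}  {host}")
        print("bypasses:", bypasses(SAMPLE_HOSTS, patterns, LEGIT_DOMAINS))
```

With the posted patterns the two look-alike hosts are allowed and the bare yahoo.com is dropped; with the anchored patterns all six sample hosts get the verdict you would expect, including the :8080 case. Whichever form you settle on, remember that none of this applies to port 443, where the Host header is inside TLS.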