09-30-2008 05:12 AM - edited 03-12-2019 05:58 PM
We have websense for our url filtering,
Can ASA 5510 be set up to check a primary server, then if that is not available, to check the secondary.
Will the ASA check from top down?
url-server (inside) vendor websense host Websense timeout 10 protocol UDP version 4
url-server (inside) vendor websense2 host Websense timeout 10 protocol UDP version 4
filter url except 10.250.0.0 255.255.0.0 0.0.0.0 0.0.0.0 allow
filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
filter url 443 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
09-30-2008 05:29 AM
Yes,
You can identify up to four filtering servers per context. The security appliance uses the servers in order until a server responds. You can only configure a single type of server (Websense or Secure Computing SmartFilter ) in your configuration.
ASA-5510-8x(config)# url-server (inside) vendor websense host 1.1.1.1
ASA-5510-8x(config)# url-server (inside) vendor websense host 1.1.1.2
Do rate helpful posts.
Regards,
Sushil
09-30-2008 06:17 AM
Thanks for the reply,
Oops, I had it incorrect, it should be like this right?:
name 10.1.1.1 Websense
name 10.1.1.2 Websense2
url-server (inside) vendor websense host Websense timeout 10 protocol UDP version 4
url-server (inside) vendor websense host Websense2 timeout 10 protocol UDP version 4
filter url except 10.250.0.0 255.255.0.0 0.0.0.0 0.0.0.0 allow
filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
filter url 443 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
09-30-2008 06:39 AM
Correct.
Glad to help.
Regards,
Sushil
10-06-2008 10:49 AM
Since implementing this I am getting the "url server not responding" every five seconds.
Can I adjust this to something like having the ASA check every two minutes?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: