I have a PIX515E (running OS 7.2x) and I need to use it to block specific URLs and IM for most users since they abuse internet access. Some of the top execs should be allowed to access all sites without restrictions. I currently have a "inspect http" rule configured on the firewall and I'm logging all connections. Unfortunately the " Accessed URL" messages in the logs only display the sites' IP address and not the host names requested by the users so it's hard to tell what website they're really visiting (many of them don't have reverse DNS - especially if one IP address is used to host mulitple websties). Is there a way to display the host names? I have "dns domain-lookup" configured/enabled on the firewall. What would you recommend?
Thakn you! :)