Websense issues?

Unanswered Question
Mar 2nd, 2009
User Badges:

Hey there. I'm having a problem with websense. The websense is already installed and used by a PIX to limit web browsing for the internal wired users.

I have now installed a wireless LAN which terminates on a seperate box - an ASA. The ASA is connected to both the PIX and websense on the inside LAN. I have copied the config from the PIX for the websense filtering (this works fine), but changed the source IP address to the wireless LAN range.


I have attached the config and relevant show commands below. It doesn't look like the ASA is actually sending the request to websense? The wireless users have unrestricted web access which I don't want to happen. Any ideas anyone?


ASA# sh running-config | inc url

url-server (inside) vendor websense host 10.135.6.248 timeout 10 pro

rsion 1 connections 5

filter url http 10.213.133.0 255.255.255.128 0.0.0.0 0.0.0.0 allow

filter url 443 10.213.133.0 255.255.255.128 0.0.0.0 0.0.0.0 allow


ASA# sh runn int g0/3.11

!

interface GigabitEthernet0/3.11

vlan 11

nameif wlan-guest

security-level 10

ip address 10.213.133.1 255.255.255.128

ASA# sh nameif

Interface Name Security

GigabitEthernet0/0 outside 0

GigabitEthernet0/1 inside 100

GigabitEthernet0/2 internet 50

GigabitEthernet0/3.10 wlan-management 60

GigabitEthernet0/3.11 wlan-guest 10

Management0/0 websense 40

ASA# sh runn int g0/1

!

interface GigabitEthernet0/1

description == Connection To LAN ==

nameif inside

security-level 100

ip address 10.135.6.202 255.255.255.128

ASA#


ASA# sh url-server statistics


Global Statistics:

--------------------

URLs total/allowed/denied 0/0/0

URLs allowed by cache/server 0/0

URLs denied by cache/server 0/0

HTTPSs total/allowed/denied 0/0/0

HTTPSs allowed by cache/server 0/0

HTTPSs denied by cache/server 0/0

FTPs total/allowed/denied 0/0/0

FTPs allowed by cache/server 0/0

FTPs denied by cache/server 0/0

Requests dropped 0

Server timeouts/retries 0/0

Processed rate average 60s/300s 0/0 requests/second

Denied rate average 60s/300s 0/0 requests/second

Dropped rate average 60s/300s 0/0 requests/second


Server Statistics:

--------------------

10.135.6.248 UP

Vendor websense

Port 15868

Requests total/allowed/denied 0/0/0

Server timeouts/retries 0/0

Responses received 0

Response time average 60s/300s 0/0


URL Packets Sent and Received Stats:

------------------------------------

Message Sent Received

STATUS_REQUEST 20 20

LOOKUP_REQUEST 0 0

LOG_REQUEST 0 NA


Errors:

-------

RFC noncompliant GET method 0

URL buffer update failure 0

ASA#


Many thanks

Darren

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion