TREND IOS Content FIltering on HTTPS?

Unanswered Question
May 13th, 2009

Hi

We've got the new IOS Content Filtering (provided by Trend Micro) setup and working mostly good on one of our remote routers, but it is only scanning/blocking HTTP content currently. When I add the HTTPS to the class-map, it complains;


class-map type inspect match-any http-class

match protocol http

match protocol https


policy-map type inspect urlfilter trend-policy

parameter type urlfpolicy trend trend-pm

class type urlfilter whitelist

log

allow

class type urlfilter blacklist

log

reset

class type urlfilter trend drop-category

log

reset

policy-map type inspect insideOut

class type inspect intVPN

inspect

class type inspect insideOut

inspect

class type inspect http-class

inspect global

service-policy urlfilter trend-policy

class type inspect catchAllPrivate

inspect

class class-default

pass log


Is there any way to get IOS content filtering working on HTTPS, or will it always disable when it reboots and sees that HTTPS in the class map? Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jasonhumes Wed, 05/13/2009 - 07:16

Here is the msg displayed when trying to turn on HTTPS content scanning;


%Deep packet inspection action of the configured type not applicable to protocol "Other" in class "http-class". Please remove the protocol and try.

%Unable to attach child policy

jasonhumes Thu, 07/28/2011 - 07:52

Sadly, we just stopped using this product as the only way was via white/black lists. Luckily we only have a single client still using this junk software.


Sorry sir

danielspallamag... Thu, 07/28/2011 - 18:02

Thanks for your attention


De: jasonhumes

Enviada em: quinta-feira, 28 de julho de 2011 11:53

Para: Daniel Spalla

Assunto: - Re: TREND IOS Content FIltering on HTTPS?


Cisco Support Community


Re: TREND IOS Content FIltering on HTTPS?

created by jasonhumes in Firewalling - View the full discussion

Actions

This Discussion