05-13-2009 05:46 AM - edited 03-11-2019 08:31 AM
Hi
We've got the new IOS Content Filtering (provided by Trend Micro) setup and working mostly good on one of our remote routers, but it is only scanning/blocking HTTP content currently. When I add the HTTPS to the class-map, it complains;
class-map type inspect match-any http-class
match protocol http
match protocol https
policy-map type inspect urlfilter trend-policy
parameter type urlfpolicy trend trend-pm
class type urlfilter whitelist
log
allow
class type urlfilter blacklist
log
reset
class type urlfilter trend drop-category
log
reset
policy-map type inspect insideOut
class type inspect intVPN
inspect
class type inspect insideOut
inspect
class type inspect http-class
inspect global
service-policy urlfilter trend-policy
class type inspect catchAllPrivate
inspect
class class-default
pass log
Is there any way to get IOS content filtering working on HTTPS, or will it always disable when it reboots and sees that HTTPS in the class map? Thanks.
05-13-2009 07:16 AM
Here is the msg displayed when trying to turn on HTTPS content scanning;
%Deep packet inspection action of the configured type not applicable to protocol "Other" in class "http-class". Please remove the protocol and try.
%Unable to attach child policy
07-27-2011 04:02 PM
Hi, I'm having the same problem. You somehow managed to solve it?
07-28-2011 07:52 AM
Sadly, we just stopped using this product as the only way was via white/black lists. Luckily we only have a single client still using this junk software.
Sorry sir
07-28-2011 06:02 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide