Does the FWSM can be used to block specific websites? If yes, kindly send me the link so I can study it.
Appreciate your help. Thanks in advance.
The FWSM needs acl applied on all interfaces for traffic to flow.
It doesn't matter if you are using a proxy server. If you can resolve the name of the website to an IP address (hope that doesn't change) you can add a deny for this destination ip address on the FWSM interface that is facing the proxy server.
proxy ip 10.10.10.1--vlan10--FWSM---vlan20-Internet website (192.168.1.1)
I am using private addresses here:
you would add an acl to the access-list applied on vlan10.
access-list vlan10-in deny tcp host 10.10.10.1 host 192.168.1.1 eq 80
access-list vlan10-in permmit tcp host 10.10.10.1 any eq 80
access-g vlan10-in in int vlan10
You are denying the flow and then permitting the rest.