We have a Cisco ASA firewall in our office. This firewall is used to isolate consultants working for us on a project in a separate network. They bring their own laptops and connect them to the consultant subnet. These consultants are only allowed to access the internet (http/https traffic) or VPN etc. The firewall rules are implemented on the outside interface. To access the internet they have to go through our Inside interface & eventually through our Enterprise firewall (separate from this).
The outside interface (security 0) of the Cisco ASA is connected to the consultants' subnet & the inside interface (security 100) is connected to our Production network.
We are trying to implement WebSense integration with the Cisco ASA 5510. I have followed instructions from the Cisco configuration guide to configure filter rules & specifying the URL server. But it is not working.
After troubleshooting the problems I found out that an HTTP request that originates from a high security level interface destined for a lower security level will trigger the URL filtering. But an HTTP request that originates on a lower security level interface destined for a higher security level interface will skip the URL filtering.
I suspect that the issue lies somewhere with interface security levels and URL filtering. Security levels of the ASA interface are as follows:
Inside interface security level: 100
Outside interface security level: 0
So before I go messing with security levels, I wanted to get a 2nd opinion on this issue.