cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
494
Views
0
Helpful
3
Replies

Blocking people from accesing Proxy servers on net

anuraggambhir
Level 1
Level 1
hii
i have a question ...
suppose i apply the policy to allow only http and https traffic from  router and
blocking all other traffics but before allowing http traffic i list the  some of the website like "facebook" not allowing people in company to  visit these social website ...but what if they go to some proxy website  originate traffic from there to the facebook ???....like cooltunnel.com  is there any policy to block that to????


3 Replies 3

Kureli Sankar
Cisco Employee
Cisco Employee

Besides blocking cooltunnel.com as well, I can't think of anyother way to block this.

-KS

p.charalambous1
Level 1
Level 1

You could use Modular Policy Framework on ASA and filter HTTP traffic based on url content, I think it could solve your problem.

Even if they use a proxy, the HTTP traffic destined to facebook will be inspected by the ASA MPF and drop it.

Actually this is very difficult and time consuming if you want to do this with the ASA.

Either buy CSC-SSM module for the ASA and configure it accordingly or use a web security gateway like ironport.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: