URL Filtering on Cisco IOS Router

Unanswered Question
Mar 24th, 2010
User Badges:

Hi,

I am not sure if this is the right location to ask these questions, if not please lead me to the right one.


Under the Network Diagram section of the Filtering on Cisco IOS Router document (http://www.cisco.com/application/pdf/paws/110318/ciscoiosurlfiltering.pdf)  following line is said.


"In this example, the URL filtering server is  located in the inside       network".


What I understand from the line above is, I can locate URL filtering server in "outside network" if I want to. Is that correct ?


My real questions are;


Let say that I have two branch office and HQ and they are connected through site-to-site vpn. Is it possible to use URL filter service for both of my branch office, If I locate  URL filtering server in HQ. If so, do I need extra license.


Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Wed, 03/24/2010 - 20:46
User Badges:
  • Cisco Employee,

You should be able to use the same URL filter server (either websense or n2h2) on your branch office router.

URL filter traffic at your branch office router will be sourced with the outside interface ip address if it is going through the VPN tunnel, hence in your crypto ACL, you would need to configure crypto ACL from the outside interface towards the HQ LAN.

Just be advised that it might be a little slower for the URL filtering feature through the LAN-to-LAN tunnel depending on the internet speed.


Hope that helps.

Actions

This Discussion