Directing traffic through McAfee SmartFilter

Unanswered Question
Apr 27th, 2010

Hello All-

How can I configure my ASA or router to send the web traffic to the McAfee SmartFilter server before the user can browse the Internet?

I can get out to the Internet bypassing the proxy. Now the next step is to see how I get SmartFilter working.

This is what I put on my router

ip nat inside source list NatAccessList interface Ethernet1 overload
!
ip access-list extended NatAccessList
 permit ip 10.0.0.0 0.255.255.255 any
!
interface e1
 ip nat outside
!
interface e0
 ip nat inside

Thanks

Bo

astripat Tue, 04/27/2010 - 13:36

Hi Bo,

You can configure URL filtering on the ASA so that the requests are first sent to the filtering server before they can be processed. The ASA supports N2H2 or Websense for filtering. This can be configured as follows:

I am assuming that the IP address of the filtering server is 10.0.1.1 and it is located on the inside.

Using N2H2, the following example filters all outbound HTTP connections except those from the 10.0.2.20 host:

hostname(config)# url-server (inside) vendor n2h2 host 10.0.1.1
hostname(config)# filter url http 0 0 0 0
hostname(config)# filter url except 10.0.2.20 255.255.255.255 0 0

Using Websense, the following example filters all outbound HTTP connections except those from the 10.0.2.20 host:

hostname(config)# url-server (inside) vendor websense host 10.0.1.1 protocol TCP version 4
hostname(config)# filter url http 0 0 0 0
hostname(config)# filter url except 10.0.2.20 255.255.255.255 0 0

If you want to filter HTTPS traffic also, then we would need the following as well:

filter https 0 0 0 0 0

Also, it would be best to use the "allow" keyword at the end of the filter statements, so that if the filtering server goes down, the Internet access is not lost, as follows:

filter url http 0 0 0 0 allow

HTH
Ashu
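
A review aid for the commands discussed in this thread, added here as an example and not part of either post: a Python script that reads ASA configuration text and lists which filter rules fail open ("allow"), which fail closed, and which hosts are exempted by "filter url except". The function names and the sample input are constructed for illustration; the sample reuses the commands quoted in the reply.

```python
import re

# Constructed sample input: the commands quoted in the reply above.
SAMPLE = """\
hostname(config)# url-server (inside) vendor websense host 10.0.1.1 protocol TCP version 4
hostname(config)# filter url http 0 0 0 0 allow
hostname(config)# filter url except 10.0.2.20 255.255.255.255 0 0
filter https 0 0 0 0 0
"""

PROMPT = re.compile(r"^\S+\(config\)#\s*")  # strip a pasted CLI prompt, if any


def audit_filter_config(text):
    """Classify url-server / filter lines found in ASA configuration text."""
    report = {"servers": [], "fail_open": [], "fail_closed": [], "exempt": []}
    for raw in text.splitlines():
        tok = PROMPT.sub("", raw.strip()).split()
        if len(tok) < 3:
            continue
        if tok[0] == "url-server" and "host" in tok[:-1]:
            report["servers"].append(tok[tok.index("host") + 1])
        elif tok[0] == "filter" and tok[1] in ("url", "https"):
            if tok[2] == "except":
                if len(tok) >= 5:  # local address and mask that bypass filtering
                    report["exempt"].append((tok[1], tok[3], tok[4]))
            elif "allow" in tok[3:]:
                # "allow": traffic passes unfiltered while the server is unreachable
                report["fail_open"].append(" ".join(tok))
            else:
                report["fail_closed"].append(" ".join(tok))
    return report


def findings(report):
    """Turn the report into review notes for whoever owns the filtering policy."""
    notes = []
    if not report["servers"] and (report["fail_open"] or report["fail_closed"]):
        notes.append("filter rules present but no url-server line in this text")
    notes += [f"fail-open: {r}" for r in report["fail_open"]]
    notes += [f"fail-closed: {r}" for r in report["fail_closed"]]
    notes += [f"exempt from {k} filtering: {ip} {mask}" for k, ip, mask in report["exempt"]]
    return notes


if __name__ == "__main__":
    print("\n".join(findings(audit_filter_config(SAMPLE))))
```

Whether a rule should fail open or fail closed is a policy decision; the script only makes the current state visible so that it can be reviewed.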
