SA520 / SA540 - URL Content filtering on another port

Unanswered Question
May 4th, 2010

Hello community,

I would like to know if it is possible to block a URL with the SA520/SA540 if, in the browser configuration, I manually specify a proxy with a port different from port 80.

In my scenario:

If I don't define a proxy address in my browser and allow only www.cisco.com on the SA, then it works => Access to www.cisco.com ONLY is authorized.

If in my browser I define a proxy address (with port 8080), I can access other sites (SA520/540 rules are bypassed).

My goal is to filter with the SA and a proxy on port 8080. Is it possible to achieve that?

Thanks a lot.

Regards.

Karim

krahmani323 Wed, 05/05/2010 - 05:47

Hello PK and thanks for your feedback.

As I am a newbie on this kind of device, where in the SA520 GUI menus can I configure this URL-filtered class-map in order to match port 8080 traffic? I can't find it.

Thank you.

Panos Kampanakis Wed, 05/05/2010 - 06:12

Yes, under the class-map you should be able to define an ACL to match your traffic that will be URL filtered.

You will be matching on source and destination (usually any) and then tcp port.

I hope it helps.

PK

krahmani323 Wed, 05/05/2010 - 07:40

Hello PK, thank you very much for your collaboration on this post, but after having read again the SA 500 Series Security Appliances admin guide:

(http://www.cisco.com/en/US/docs/security/multi_function_security/multi_function_security_appliance/sa_500/administration/guide/SA500_AG_OL1911403.pdf),

I can see that configuring approved/blocked URLs in the GUI is possible (Firewall on the menu bar, then Content Filtering > Approved URLs or Blocked URLs), but there is no such configuration for class-map in my Security Appliance GUI administration. Do you mean this matching ACL under class-map has to be configured in another location?

Thanks again.

Karim
