cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
598
Views
0
Helpful
4
Replies

SA520 / SA540 - URL Content filtering on another port

krahmani323
Level 3
Level 3

Hello community,

I would like to know if it was possible to block an URL with SA520/SA540 if in the browser configuration I manually specify a proxy with a port different from port 80.

In my scenario :

If I don't define a proxy address in my browser and allow only www.cisco.com on the the SA, then it works => Access to www.cisco.com ONLY is authorized.

If in my browser I define a proxy address (with port 8080), I can access to other sites (SA520/540 rule are by-passed).

My goal is to filter with SA and proxy on port 8080. Is it possible to achieve that ?

Thanks a lot.

Regards.

Karim

4 Replies 4

Panos Kampanakis
Cisco Employee
Cisco Employee

Is port 8080 traffic matched in URL filtered class-map?

Please verify that.

PK

Hello PK and thanks for your feedback.

As I am a newbie on this kind of device, where in the SA520 GUI menus can I configue this URL filtered class-map in order to match port:8080 traffic ? I don't find it..

Thank you.

Yes, under the class-map you should be able to define an ACL to match your traffic that will be URL filtered.

You will be matching on source and destination (usually any) and then tcp port.

I hope it helps.

PK

Hello PK thank you very much for your collaboration on this post,but after having read again the SA 500 Series Security Applicances admin guide:

(http://www.cisco.com/en/US/docs/security/multi_function_security/multi_function_security_appliance/sa_500/administration/guide/SA500_AG_OL1911403.pdf),

I can find the configuration in GUI for approved/blocked URL is possible (Firewall on the menu bar, then Content Filtering > Approved URLs or Blocked URLs), but there is no such configuration for class-map in my Security Appliance GUI administration. Do you mean this matching acl under class-map has to be configured on another location?

Thanks again.

Karim

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: