I got an ASA5505 with URL-filtering through SmartFilter.
HTTP ist working fine. HTTPS unfortunately can only be blocked on the SmartFilter with the IP address (e.g. https://18.104.22.168)
and not with the domain-name (e.g. https://www.cisco.com/).
On the ASA, the SyslogID 304001 shows only <inside client ip> Accessed URL 22.214.171.124:https://126.96.36.199/ and this is, what the
SmartFilter are checking.
How can I tell the ASA to log/send the URL name to the SmartFilter?
The smartfilter blocks https doing a reverse lookup for all illegit urls.
In other words when it sees the ip address you are https-ing to it checks what domain the ip address belongs and then decides if it needs to block.
The ASA does not know the url because the http has the URL encrypted and so it can't log it.
I hope it makes sense.