Hello, have a problem with rule for ASA 5505. I need block all tarffic except maps.google.com:
regex googleMAP "maps\.google\.com"
class-map type inspect http match-all BlockDomainsClass
match not request header host regex class DomainBlockList
policy-map type inspect http http_incspect_policy
protocol-violation action drop-connection
match request method connect
This rule works, but not all maps are opened and maps are partially.
How I can use all ip maps.google.com:
More likely than not, google maps uses a lot of different domains then just maps.google.com for context and files to load the maps. I highly suggest you install the "Tamper Data" extension in Firefox as it will list all the requests your browser makes. That way you can see what domains and sub-domains are involved in loading google maps. You can get Tamper Data here:
Once installed, load it from Firefox's tools menu. Once it is open, browse and use google maps. Youw ill see all the requests made and the URLs. That way you can adjust and tune your policy accordingly.
When I tested just now I saw:
Go ahead and try it your self and see what you find!